VIR Vulnerability Intelligence Relay

Package impact

golang Go / chainguard.dev/melange

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-29050 medium 5.5 1mo ago melange has Path Traversal When Resolving External Pipelines via Unvalidated pipeline[].uses golang
CVE-2026-29051 low 2.5 1mo ago melange has Path Traversal via .PKGINFO in --persist-lint-results golang