Package impact
Go / github.com/dunglas/frankenphp
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45062 | high | — | 8.0 | 14d ago | FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files | |||
| CVE-2026-24895 | unknown | — | — | 4mo ago | FrankenPHP's unicode case-folding length expansion causes incorrect split_path index (SCRIPT_NAME/PATH_INFO confusion) in FrankenPHP in github.com/dunglas/frankenphp | |||
| CVE-2026-24894 | unknown | — | — | 4mo ago | FrankenPHP leaks session data between requests in worker mode in github.com/dunglas/frankenphp |