Package impact
Go / github.com/gotenberg/gotenberg/v7
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-27018 | high | 7.5 | 7.5 | 2mo ago | Gotenberg has Chromium deny-list bypass via case-insensitive URL scheme (bypass of GHSA-rh2x-ccvw-q7r3) in github.com/gotenberg/gotenberg | |
| CVE-2026-42592 | medium | 5.3 | 5.3 | 14d ago | Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes |