Package impact
Go / github.com/oxia-db/oxia
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40944 | unknown | — | — | 2mo ago | Oxia's TLS CA certificate chain validation fails with multi-certificate PEM bundles | |||
| CVE-2026-40943 | unknown | — | — | 2mo ago | Oxia affected by server crash via race condition in session heartbeat handling | |||
| CVE-2026-40946 | unknown | — | — | 2mo ago | Oxia has an OIDC token audience validation bypass via SkipClientIDCheck | |||
| CVE-2026-40945 | unknown | — | — | 2mo ago | Oxia exposes bearer token in debug log messages on authentication failure |