VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/xyproto/algernon

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-45721 critical 9.0 9.0 3d ago Algernon: handler.lua discovery walks parent directories above the server root
CVE-2026-45728 high 7.5 7.5 3d ago Algernon: Single-file mode unconditionally enables debug mode
CVE-2026-46431 medium 4.3 4.3 3d ago Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *
CVE-2026-46430 medium 4.3 4.3 3d ago Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS
CVE-2025-65754 unknown 6mo ago Algernon Cross-Site Scripting vulnerability in github.com/xyproto/algernon
CVE-2023-26131 unknown 3y ago Algernon engine and themes vulnerable to Cross-site Scripting