Package impact
Go / github.com/gofiber/fiber/v3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-30246 | medium | 6.5 | 6.5 | 1mo ago | Fiber's cache middleware default key generator ignores query string, causing response mix-up across distinct query parameters | |||
| CVE-2026-42554 | medium | 6.1 | 6.1 | 23d ago | Fiber vulnerable to XSS in AutoFormat Content Negotiation | |||
| CVE-2026-25882 | unknown | — | — | 3mo ago | Fiber has a Denial of Service Vulnerability via Route Parameter Overflow in github.com/gofiber/fiber | |||
| CVE-2026-25899 | unknown | — | — | 3mo ago | Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation in github.com/gofiber/fiber/v3 | |||
| CVE-2026-25891 | unknown | — | — | 3mo ago | Fiber has an Arbitrary File Read in Static Middleware on Windows in github.com/gofiber/fiber/v3 |