Security Advisories in go
Moderate
34 minutes ago
Gogs has a Denial of Service in repository/wiki file listing web pages
go
gogs.io/gogs
Low
3 days ago
SpiceDB: Checks involving relations with caveats can result in unconditional permission when conditional permission is expected
go
github.com/authzed/spicedb
Moderate
3 days ago
OpenBao: Transit secrets engine crashes on key creation with `derived: true` for asymmetric key types
go
github.com/openbao/openbao
Low
3 days ago
OpenBao's System Backend allows Unauthorized Management of the containing Namespace
go
github.com/openbao/openbao
Low
3 days ago
OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} โ incomplete fix of CVE-2026-45808
go
github.com/openbao/openbao
Moderate
3 days ago
Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms
go
github.com/axllent/mailpit
Moderate
3 days ago
Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails
go
github.com/traefik/traefik/v3
Moderate
3 days ago
go.qbee.io/transport: Symlink-chain path traversal in tar extraction (one level outside destination)
go
go.qbee.io/transport
Moderate
3 days ago
Grafana Operator: Privilege escalation from namespace admin to cluster admin via GrafanaDashboard jsonnetLib fileName
go
github.com/grafana/grafana-operator, github.com/grafana/grafana-operator/v5
Critical
3 days ago
Crossplane: Signature verification TOCTOU allows installing unverified package content via mutable tag
go
github.com/crossplane/crossplane, github.com/crossplane/crossplane/v2
High
3 days ago
Blocky DNSSEC validation bypass and validation-cache scope pollution
go
github.com/0xERR0R/blocky
High
3 days ago
containerd CRI checkpoint restore CDI annotation smuggling
go
github.com/containerd/containerd/v2
High
3 days ago
Arbitrary host CRI log file read via symlink following in CRI checkpoint restore
go
github.com/containerd/containerd/v2
High
3 days ago
containerd CRI โ image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull
go
github.com/containerd/containerd/v2, github.com/containerd/containerd
Moderate
3 days ago
containerd: CRI checkpoint import allows local image tag poisoning
go
github.com/containerd/containerd/v2
Moderate
3 days ago
containerd image-triggered runtime DoS via unbounded group parsing
go
github.com/containerd/containerd/v2, github.com/containerd/containerd
High
3 days ago
Hugo: security.http.urls deny rules bypassed by alternate IPv4 encodings (SSRF)
go
github.com/gohugoio/hugo
Moderate
3 days ago
Hugo: XSS via unescaped code-fence language in default code block renderer
go
github.com/gohugoio/hugo
High
3 days ago
OpenTofu: Possible arbitrary file read during certain git operations via a maliciously crafted URL
go
github.com/opentofu/opentofu
Moderate
3 days ago
Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind
go
github.com/entireio/cli
Moderate
3 days ago
OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset
go
github.com/openfga/openfga
Critical
3 days ago
Tilt: Missing authentication on the network-exposed Tilt HUD server
go
github.com/tilt-dev/tilt
High
3 days ago
Tilt: Cross-site WebSocket hijacking of the Tilt HUD stream
go
github.com/tilt-dev/tilt
High
3 days ago
Tilt: Unauthenticated pprof debug endpoints on the Tilt HUD server
go
github.com/tilt-dev/tilt
Moderate
3 days ago
Canonical MicroCeph: path traversal issue in the remote-import AP
go
github.com/canonical/microceph/microceph
Moderate
4 days ago
Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox โ cross-tenant data access and host escape
go
github.com/daytonaio/daytona
High
4 days ago
MCP Toolbox for Databases: authenticated authorization bypass
go
github.com/googleapis/mcp-toolbox
Critical
4 days ago
googleapis/mcp-toolbox: authentication bypass vulnerability in the generic opaque token validation path (validateOpaqueToken)
go
github.com/googleapis/mcp-toolbox
Critical
4 days ago
googleapis/mcp-toolbox: authentication bypass vulnerability in the generic opaque token validation path (validateOpaqueToken)
go
github.com/googleapis/mcp-toolbox
Moderate
4 days ago
opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication
go
github.com/open-telemetry/opentelemetry-collector-contrib/receiver/githubreceiver
Moderate
4 days ago
opentelemetry-collector-contrib sentryexporter: Path traversal in Sentry exporter via attacker-controlled service.name reaches privileged Sentry API endpoints with operator bearer token
go
github.com/open-telemetry/opentelemetry-collector-contrib/exporter/sentryexporter
Moderate
4 days ago
Podman: WORKDIR symlink traversal vulnerability
go
github.com/containers/podman/v3, github.com/containers/podman/v4, github.com/containers/podman/v5
High
4 days ago
Heimdall: Forwarded Header Injection via Unsanitized Host Header in Proxy Mode
go
github.com/dadrus/heimdall
High
4 days ago
Heimdall: IP Spoofing via Unvalidated Forwarding Headers
go
https://github.com/dadrus/heimdall
Moderate
4 days ago
ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider
go
github.com/zitadel/zitadel
Moderate
4 days ago
ZITADEL: Missing Token Lifecyle Validation (`exp` and `iat`) in JWT IdP Provider
go
github.com/zitadel/zitadel
High
4 days ago
ZITADEL: Missing client_id binding in OIDC authorization code exchange and refresh token flows (RFC 6749 Section 4.1.3 violation)
go
github.com/zitadel/zitadel
Low
4 days ago
ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers
go
github.com/zitadel/zitadel
High
4 days ago
Docker MCP Gateway: Argument injection via OCI image label YAML
go
github.com/docker/mcp-gateway
High
4 days ago
Gotenberg: SSRF via LibreOffice document processing
go
github.com/gotenberg/gotenberg/v8
Low
4 days ago
ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components
go
github.com/zitadel/zitadel
Moderate
5 days ago
Capsule: Incomplete fix of CVE-2026-30963: singular/plural typo leaves namespaces/finalize unprotected
go
github.com/projectcapsule/capsule
High
5 days ago
Gitea: Stored XSS via glTF `extensionsRequired` in Gitea 3D File Viewer
go
code.gitea.io/gitea
High
5 days ago
Gitea: Public-only tokens bypass private-resource restrictions on `/api/v1/user` self routes
go
code.gitea.io/gitea
High
5 days ago
Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration
go
code.gitea.io/gitea
Moderate
5 days ago
Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join
go
github.com/daytonaio/daytona
Moderate
5 days ago
Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services
go
github.com/traefik/traefik/v3, github.com/traefik/traefik, github.com/traefik/traefik/v2
Moderate
6 days ago
Gitea: Token scope bypass on web archive download endpoint
go
code.gitea.io/gitea
Moderate
6 days ago
Gitea: Missing repository-unit authorization on issue-template API endpoints
go
code.gitea.io/gitea
Moderate
6 days ago
Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw
go
code.gitea.io/gitea
High
6 days ago
Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo
go
code.gitea.io/gitea
High
6 days ago
Gitea: OAuth2 access token scope enforcement bypass via HTTP Basic authentication
go
code.gitea.io/gitea
Critical
6 days ago
Rclone: Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation, bypassing CVE-2026-41179 fix
go
github.com/rclone/rclone
High
6 days ago
Gitea: Git Smart HTTP Skips Repository Token Scopes for Bearer Tokens
go
code.gitea.io/gitea
High
6 days ago
Daytona: Cross-org IDOR in organization role update/delete โ any org owner can rewrite or destroy another org's roles
go
github.com/daytonaio/daytona
Moderate
6 days ago
Caddy: stripHTML template function bypass
go
github.com/caddyserver/caddy, github.com/caddyserver/caddy/v2
High
6 days ago
Caddy: FastCGI header normalization bypass in `forward_auth copy_headers`
go
github.com/caddyserver/caddy, github.com/caddyserver/caddy/v2
High
6 days ago
Caddy: Windows `file_server` path authorization bypass via encoded backslash
go
github.com/caddyserver/caddy, github.com/caddyserver/caddy/v2
High
6 days ago
Daytona: Public sandbox previews remain accessible for up to one hour after being made private
go
github.com/daytonaio/daytona
High
6 days ago
Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts
go
github.com/traefik/traefik, github.com/traefik/traefik/v2, Traefik
Moderate
6 days ago
Hugo: security.http.urls allow-list bypass via HTTP redirects
go
github.com/gohugoio/hugo
High
6 days ago
Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass
go
Traefik
High
10 days ago
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection
go
github.com/filebrowser/filebrowser/v2
High
10 days ago
File Browser has incorrect access control for public directory shares via rule path rebasing
go
github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
10 days ago
File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames
go
github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
Moderate
10 days ago
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
go
github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
10 days ago
File Browser has a DoS Vulnerability via Public Login API
go
github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
10 days ago
File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path
go
github.com/filebrowser/filebrowser, github.com/filebrowser/filebrowser/v2
High
10 days ago
File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix
go
github.com/filebrowser/filebrowser/v2, github.com/filebrowser/filebrowser
Moderate
10 days ago
Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint
go
github.com/fleetdm/fleet/v4
Moderate
10 days ago
Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint
go
github.com/fleetdm/fleet/v4
High
10 days ago
Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)
go
github.com/radius-project/radius
Low
10 days ago
nebula-mesh: POST /api/v1/hosts/{id}/mobile-bundle response lacks Cache-Control: no-store
go
github.com/juev/nebula-mesh
Moderate
10 days ago
gorest InMemorySecret2FA race condition allows process crash via concurrent map access (CWE-362)
go
github.com/pilinux/gorest
Moderate
10 days ago
Go-Attestation: Hash injection into trusted measurement list via unskipped SignatureHeaderSize vendor bytes in parseEfiSignatureList()
go
github.com/google/go-attestation
High
10 days ago
Chisel has an ACL Bypass via Post-Handshake SSH Channel ExtraData Injection
go
github.com/jpillora/chisel
High
11 days ago
AWS Advanced Go Wrapper has Privilege Escalation in Aurora PostgreSQL instance
go
github.com/aws/aws-advanced-go-wrapper/auth-helpers, github.com/aws/aws-advanced-go-wrapper/otlp, github.com/aws/aws-advanced-go-wrapper/pgx-driver, github.com/aws/aws-advanced-go-wrapper/okta, github.com/aws/aws-advanced-go-wrapper/mysql-driver, github.com/aws/aws-advanced-go-wrapper/iam, github.com/aws/aws-advanced-go-wrapper/federated-auth, github.com/aws/aws-advanced-go-wrapper/custom-endpoint, github.com/aws/aws-advanced-go-wrapper/aws-secrets-manager, github.com/aws/aws-advanced-go-wrapper/xray, github.com/aws/aws-advanced-go-wrapper/awssql/v2
Moderate
11 days ago
OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning
go
github.com/openfga/openfga
High
11 days ago
DevGuard has improper authorization on public assets
go
github.com/l3montree-dev/devguard
High
11 days ago
Arc: Unauthenticated access to Go debug pprof endpoints leaks runtime state and enables CPU-burn DoS
go
github.com/basekick-labs/arc
High
11 days ago
Traefik has a StripPrefix Route-Level Auth Bypass via Path Normalization
go
github.com/traefik/traefik/v3, github.com/traefik/traefik/v2
Moderate
11 days ago
free5GC UDR has improper `ueId` validation in EE subscription handlers that allows arbitrary identifier persistence
go
github.com/free5gc/udr
Moderate
12 days ago
nebula-mesh: Newly-minted operator API key exposed in redirect URL (Referer, history, proxy logs)
go
github.com/juev/nebula-mesh
Moderate
12 days ago
Incus has a Nil-Pointer Dereference Panic via Instance Backup Import (volume omitted)
go
github.com/lxc/incus/v7
Moderate
12 days ago
nebula-mesh: Session and OIDC state cookies lack the Secure attribute
go
github.com/juev/nebula-mesh
Moderate
12 days ago
nebula-mesh: Decrypted CA private key persists in heap after signing
go
github.com/juev/nebula-mesh
High
12 days ago
OpenTelemetry Operator for Kubernetes's ServiceMonitor bearerTokenFile reads arbitrary local file and sends contents as bearer auth
go
github.com/open-telemetry/opentelemetry-operator
High
12 days ago
Anyquery has Path Traversal through `clear_plugin_cache`, Allowing Arbitrary Directory Deletion
go
github.com/julien040/anyquery
Moderate
12 days ago
Nezha's private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data
go
github.com/nezhahq/nezha
High
12 days ago
Nezha has cross-site GET request that can trigger stored cron commands on a victim's agents
go
github.com/nezhahq/nezha
Critical
12 days ago
Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery
go
github.com/dhax/go-base
Filter by Severity
Filter by Package
github.com/mattermost/mattermost/server/v8
196
github.com/mattermost/mattermost-server
166
github.com/usememos/memos
75
github.com/grafana/grafana
62
github.com/rancher/rancher
58
github.com/hashicorp/vault
55
gogs.io/gogs
54
github.com/siyuan-note/siyuan/kernel
51
github.com/traefik/traefik/v2
45
code.gitea.io/gitea
42
k8s.io/kubernetes
42
github.com/traefik/traefik/v3
41
github.com/mattermost/mattermost-server/v6
39
github.com/zitadel/zitadel
38
github.com/argoproj/argo-cd/v2
37
github.com/cilium/cilium
35
github.com/filebrowser/filebrowser/v2
34
github.com/answerdev/answer
34
github.com/hashicorp/nomad
34
code.vikunja.io/api
33
github.com/docker/docker
33
github.com/hashicorp/consul
32
github.com/argoproj/argo-cd
31
github.com/nats-io/nats-server/v2
27
github.com/fleetdm/fleet/v4
26
github.com/ethereum/go-ethereum
26
github.com/openfga/openfga
26
github.com/openbao/openbao
26
github.com/traefik/traefik
24
github.com/goharbor/harbor
23
helm.sh/helm/v3
21
github.com/kyverno/kyverno
21
github.com/go-gitea/gitea
20
github.com/gotenberg/gotenberg/v8
20
github.com/containerd/containerd
20
github.com/juju/juju
19
golang.org/x/net
18
k8s.io/ingress-nginx
17
github.com/1Panel-dev/1Panel
17
github.com/opencontainers/runc
16
github.com/0xJacky/Nginx-UI
16
github.com/coredns/coredns
16
github.com/ollama/ollama
16
github.com/authzed/spicedb
16
github.com/zitadel/zitadel/v2
15
github.com/minio/minio
15
github.com/caddyserver/caddy/v2
15
kubevirt.io/kubevirt
15
github.com/ellanetworks/core
14
github.com/canonical/lxd
14
github.com/filebrowser/filebrowser
14
github.com/mattermost/mattermost-plugin-confluence
14
github.com/argoproj/argo-workflows/v3
14
github.com/cri-o/cri-o
13
github.com/cosmos/cosmos-sdk
13
github.com/OliveTin/OliveTin
13
github.com/moby/moby
13
github.com/go-git/go-git/v5
12
github.com/lin-snow/ech0
12
github.com/containers/podman/v4
12
golang.org/x/crypto
12
github.com/pterodactyl/wings
12
github.com/casdoor/casdoor
12
github.com/envoyproxy/envoy
11
github.com/gravitl/netmaker
11
github.com/patrickhener/goshs
11
github.com/bishopfox/sliver
11
github.com/cometbft/cometbft
11
github.com/cloudflare/cfrpki
11
github.com/gohugoio/hugo
11
github.com/navidrome/navidrome
11
github.com/pomerium/pomerium
11
go.opentelemetry.io/obi
11
github.com/containerd/containerd/v2
11
github.com/treeverse/lakefs
11
github.com/dragonflyoss/dragonfly
11
go.etcd.io/etcd/v3
11
github.com/sylabs/singularity
10
github.com/beego/beego/v2
10
github.com/charmbracelet/soft-serve
10
github.com/forceu/gokapi
10
github.com/greenpau/caddy-security
10
github.com/gofiber/fiber/v2
10
istio.io/istio
10
github.com/Tencent/WeKnora
10
github.com/hashicorp/go-getter
10
github.com/axllent/mailpit
10
github.com/lxc/incus/v6/cmd/incusd
10
github.com/esm-dev/esm.sh
9
github.com/free5gc/udr
9
github.com/juev/nebula-mesh
9
github.com/portainer/portainer
9
github.com/kubernetes/kubernetes
9
github.com/apache/incubator-answer
9
github.com/beego/beego
9
github.com/oauth2-proxy/oauth2-proxy/v7
9
github.com/argoproj/argo-cd/v3
9
github.com/mattermost/mattermost-server/v5
9
github.com/nezhahq/nezha
8
github.com/containers/buildah
8
github.com/lxc/incus/v6
8
github.com/argoproj/argo-workflows/v4
8
github.com/quic-go/quic-go
8
chainguard.dev/melange
8
github.com/stacklok/minder
8
github.com/getarcaneapp/arcane/backend
8
github.com/containers/podman/v5
8
github.com/consensys/gnark
8
github.com/tektoncd/pipeline
8
github.com/kubeedge/kubeedge
8
github.com/klever-io/klever-go
8
github.com/neuvector/neuvector
8
github.com/edgelesssys/contrast
7
github.com/opentofu/opentofu
7
www.velocidex.com/golang/velociraptor
7
github.com/coder/coder/v2
7
github.com/sigstore/cosign
7
github.com/QuantumNous/new-api
7
github.com/xyproto/algernon
7
github.com/lf-edge/eve
7
github.com/free5gc/udm
7
go.etcd.io/etcd
7
github.com/enchant97/note-mark/backend
7
chainguard.dev/apko
7
github.com/drakkan/sftpgo/v2
7
github.com/osrg/gobgp/v4
7
github.com/free5gc/nef
7
github.com/alist-org/alist/v3
7
github.com/mattermost/mattermost
7
github.com/hyperledger/fabric
7
github.com/gophish/gophish
7
github.com/moby/buildkit
7
github.com/google/fscrypt
7
github.com/patrickhener/goshs/v2
6
github.com/git-lfs/git-lfs
6
github.com/containers/podman/v3
6
github.com/russellhaering/goxmldsig
6
github.com/omec-project/amf
6
github.com/cli/cli/v2
6
github.com/caddyserver/caddy
6
github.com/cubefs/cubefs
6
github.com/fluxcd/flux2
6
github.com/prometheus/prometheus
6
go.temporal.io/server
6
miniflux.app/v2
6
github.com/siderolabs/omni
6
github.com/mattermost/mattermost-plugin-playbooks
6
github.com/projectcapsule/capsule
6
goauthentik.io
6
github.com/ory/oathkeeper
6
github.com/pion/dtls/v2
6
github.com/authelia/authelia/v4
6
github.com/russellhaering/gosaml2
6
github.com/foxcpp/maddy
6
github.com/apache/trafficcontrol
6
github.com/lf-edge/ekuiper/v2
6
github.com/snapcore/snapd
5
github.com/bnb-chain/tss-lib
5
github.com/owncast/owncast
5
github.com/schollz/croc/v9
5
github.com/AdguardTeam/AdGuardHome
5
github.com/fluxcd/kustomize-controller
5
github.com/hashicorp/boundary
5
github.com/dgraph-io/dgraph/v24
5
github.com/free5gc/amf
5
github.com/dadrus/heimdall
5
github.com/dgraph-io/dgraph/v25
5
github.com/ipfs/go-ipfs
5
github.com/lin-snow/Ech0
5
github.com/rclone/rclone
5
cosmwasm-vm
5
github.com/CosmWasm/wasmvm/v2
5
helm.sh/helm
5
github.com/crossplane/crossplane
5
github.com/modelcontextprotocol/registry
5
github.com/elastic/beats/v7
5
github.com/open-policy-agent/opa
5
github.com/moby/moby/v2
5
github.com/free5gc/pcf
5
github.com/t2bot/matrix-media-repo
5
github.com/openziti/zrok/v2
5
github.com/tendermint/tendermint
5
github.com/osrg/gobgp/v3
5
github.com/external-secrets/external-secrets
5
github.com/CosmWasm/wasmvm
5
vitess.io/vitess
5
github.com/projectdiscovery/nuclei/v3
5
github.com/pion/dtls
5
github.com/lf-edge/ekuiper
5
github.com/dgraph-io/dgraph
5
golang.org/x/image
5
github.com/KubeOperator/kubepi
5
github.com/gofiber/fiber/v3
5
github.com/cheqd/cheqd-node
5
github.com/CosmWasm/wasmd
5
github.com/kiali/kiali
5
github.com/dexidp/dex
5
github.com/openziti/zrok
5
github.com/oauth2-proxy/oauth2-proxy
5
github.com/IBAX-io/go-ibax
5
Filter by Repository
https://github.com/usememos/memos
68
https://github.com/kubernetes/kubernetes
65
https://github.com/mattermost/mattermost
59
https://github.com/argoproj/argo-cd
50
https://github.com/grafana/grafana
46
https://github.com/rancher/rancher
46
https://github.com/answerdev/answer
34
https://github.com/go-gitea/gitea
32
https://github.com/cilium/cilium
31
https://github.com/gogs/gogs
28
https://github.com/zitadel/zitadel
26
https://github.com/traefik/traefik
25
https://github.com/hashicorp/consul
24
https://github.com/moby/moby
23
https://github.com/helm/helm
22
https://github.com/hashicorp/vault
21
https://github.com/goharbor/harbor
21
https://github.com/containerd/containerd
19
https://github.com/ethereum/go-ethereum
17
https://github.com/openfga/openfga
17
https://github.com/etcd-io/etcd
16
https://github.com/hashicorp/nomad
16
https://github.com/opencontainers/runc
15
https://github.com/golang/go
14
https://github.com/containers/podman
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/openbao/openbao
13
https://github.com/1Panel-dev/1Panel
13
https://github.com/nats-io/nats-server
12
https://github.com/cometbft/cometbft
11
https://github.com/filebrowser/filebrowser
11
https://github.com/kubevirt/kubevirt
11
https://github.com/cloudflare/cfrpki
11
https://github.com/beego/beego
11
https://github.com/pomerium/pomerium
11
https://github.com/dragonflyoss/dragonfly
11
https://github.com/cri-o/cri-o
11
https://github.com/canonical/lxd
10
https://github.com/greenpau/caddy-security
10
https://github.com/authzed/spicedb
10
https://github.com/kyverno/kyverno
10
https://github.com/argoproj/argo-workflows
9
https://github.com/hashicorp/go-getter
9
https://github.com/juju/juju
9
https://github.com/treeverse/lakeFS
9
https://github.com/casdoor/casdoor
9
https://github.com/navidrome/navidrome
8
https://github.com/minio/minio
8
https://github.com/stacklok/minder
8
https://github.com/gofiber/fiber
8
https://github.com/kubeedge/kubeedge
8
https://github.com/pterodactyl/wings
8
https://github.com/containers/buildah
8
https://github.com/istio/istio
8
https://github.com/Consensys/gnark
8
https://github.com/docker/docker
8
https://github.com/kubernetes/ingress-nginx
7
https://github.com/neuvector/neuvector
7
https://github.com/ollama/ollama
7
https://github.com/evmos/evmos
7
https://github.com/google/fscrypt
7
https://github.com/hpcng/singularity
7
https://github.com/hyperledger/fabric
7
https://github.com/gravitl/netmaker
6
https://github.com/cubefs/cubefs
6
https://github.com/moby/buildkit
6
https://github.com/charmbracelet/soft-serve
6
https://github.com/quic-go/quic-go
6
https://github.com/fluxcd/flux2
6
https://github.com/schollz/croc
6
https://github.com/open-policy-agent/opa
6
https://github.com/coredns/coredns
6
https://github.com/sigstore/cosign
6
https://github.com/drakkan/sftpgo
6
https://github.com/lf-edge/ekuiper
6
https://github.com/pion/dtls
6
https://github.com/git-lfs/git-lfs
6
https://github.com/oauth2-proxy/oauth2-proxy
6
https://github.com/0xJacky/nginx-ui
5
https://github.com/tendermint/tendermint
5
https://github.com/crewjam/saml
5
https://github.com/edgelesssys/contrast
5
https://github.com/CosmWasm/wasmvm
5
https://github.com/CosmWasm/wasmd
5
https://github.com/free5gc/free5gc
5
https://github.com/cli/cli
5
https://github.com/t2bot/matrix-media-repo
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/foxcpp/maddy
5
https://github.com/gophish/gophish
5
https://github.com/osrg/gobgp
5
https://github.com/siyuan-note/siyuan
5
https://github.com/cheqd/cheqd-node
5
https://github.com/ipfs/go-ipfs
5
https://github.com/woodpecker-ci/woodpecker
4
https://github.com/IceWhaleTech/CasaOS-UserService
4
https://github.com/lestrrat-go/jwx
4
https://github.com/ory/fosite
4
https://github.com/golang/crypto
4
https://github.com/BishopFox/sliver
4
https://github.com/projectdiscovery/nuclei
4
https://github.com/authelia/authelia
4
https://github.com/arduino/arduino-create-agent
4
https://github.com/dexidp/dex
4
https://github.com/russellhaering/gosaml2
4
https://github.com/go-vela/server
4
https://github.com/snapcore/snapd
4
https://github.com/notaryproject/notation-go
4
https://github.com/containous/traefik
4
https://github.com/concourse/concourse
4
https://github.com/go-git/go-git
4
https://github.com/owncast/owncast
4
https://github.com/apache/trafficcontrol
4
https://github.com/siderolabs/talos
4
https://github.com/crossplane/crossplane
4
https://github.com/cosmos/ibc-go
4
https://github.com/edgelesssys/constellation
4
https://github.com/dhowden/tag
4
https://github.com/gin-gonic/gin
4
https://github.com/coder/coder
4
https://github.com/tidwall/gjson
4
https://github.com/babylonlabs-io/babylon
4
https://github.com/grafana/bugbounty
4
https://github.com/meshery/meshery
4
https://github.com/alist-org/alist
4
https://github.com/vitessio/vitess
4
https://github.com/chaos-mesh/chaos-mesh
4
https://github.com/envoyproxy/envoy
4
https://github.com/mholt/archiver
3
https://github.com/syncthing/syncthing
3
https://github.com/runatlantis/atlantis
3
https://github.com/artifacthub/hub
3
https://github.com/phachon/mm-wiki
3
https://github.com/mudler/localai
3
https://github.com/tailscale/tailscale
3
https://github.com/square/go-jose
3
https://github.com/kiali/kiali
3
https://github.com/KubeOperator/KubePi
3
https://github.com/apache/incubator-answer
3
https://github.com/moby/libnetwork
3
https://github.com/NVIDIA/gpu-operator
3
https://github.com/project-zot/zot
3
https://github.com/gogits/gogs
3
https://github.com/openshift/origin
3
https://github.com/plentico/plenti
3
https://github.com/tiagorlampert/CHAOS
3
https://github.com/ctfer-io/chall-manager
3
https://github.com/weaveworks/weave-gitops
3
https://github.com/open-telemetry/opentelemetry-go-contrib
3
https://github.com/mattermost/mattermost-plugin-boards
3
https://github.com/dutchcoders/transfer.sh
3
https://github.com/siderolabs/omni
3
https://github.com/heketi/heketi
3
https://github.com/sylabs/singularity
3
https://github.com/temporalio/temporal
3
https://github.com/ory/oathkeeper
3
https://github.com/AlexxIT/go2rtc
3
https://github.com/libp2p/go-libp2p
3
https://github.com/caddyserver/caddy
3
https://github.com/go-yaml/yaml
3
https://github.com/Consensys/gnark-crypto
3
https://github.com/fleetdm/fleet
3
https://github.com/distribution/distribution
3
https://github.com/goauthentik/authentik
3
https://github.com/edgelesssys/marblerun
3
https://github.com/aws/aws-sdk-go
3
https://github.com/flyteorg/flyteadmin
3
https://github.com/argoproj/argo-events
3
https://github.com/lightningnetwork/lnd
3
https://github.com/cloudflare/circl
3
https://github.com/kcp-dev/kcp
3
https://github.com/cortexproject/cortex
3
https://github.com/mattermost/mattermost-plugin-playbooks
3
https://github.com/clidey/whodb
3
https://github.com/ElrondNetwork/elrond-go
3
https://github.com/karmada-io/karmada
3
https://github.com/ubuntu/authd
3
https://github.com/go-jose/go-jose
3
https://github.com/pingcap/tidb
3
https://github.com/u-root/u-root
3
https://github.com/ipfs/boxo
3
https://github.com/kubernetes-sigs/secrets-store-csi-driver
3
https://github.com/IoFinnet/tss-lib
3
https://github.com/SpectoLabs/hoverfly
3
https://github.com/nats-io/jwt
3
https://github.com/gohugoio/hugo
3
https://github.com/theupdateframework/go-tuf
3
https://github.com/miniflux/v2
3
https://github.com/imgproxy/imgproxy
3
https://github.com/flipped-aurora/gin-vue-admin
3
https://github.com/metal3-io/baremetal-operator
3
https://github.com/filecoin-project/go-f3
2
https://github.com/gomarkdown/markdown
2
https://github.com/btcsuite/btcd
2
https://github.com/jackc/pgx
2
https://github.com/goreleaser/goreleaser
2
https://github.com/sajari/docconv
2
https://github.com/containers/image
2
https://github.com/kitabisa/teler
2