Security Advisories in go
Moderate
1 day ago
Nezha's authenticated DDNS webhook configuration allows blind SSRF from the dashboard host
go
github.com/nezhahq/nezha
Low
1 day ago
Authelia Missing Username Canonicalization in Basic Auth (LDAP)
go
github.com/authelia/authelia/v4
High
1 day ago
authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user
go
goauthentik.io
Moderate
1 day ago
go-git: Malformed Git object data may cause panics or resource exhaustion
go
github.com/go-git/go-git/v6, github.com/go-git/go-git/v5
Moderate
1 day ago
CAPM3 vulnerable to Cross-Namespace resource access
go
github.com/metal3-io/cluster-api-provider-metal3
Moderate
1 day ago
IPAM controller service account granted unnecessary full access to Secrets
go
github.com/metal3-io/ip-address-manager
Moderate
1 day ago
Ironic Standalone Operator's controller modifies user-owned resources without consent
go
github.com/metal3-io/ironic-standalone-operator
Moderate
1 day ago
Ironic Standalone Operator's prometheus metrics exporter bound to all interfaces
go
github.com/metal3-io/ironic-standalone-operator
High
1 day ago
Gotenberg has a Race Condition via Multipart `downloadFrom` Handling
go
github.com/gotenberg/gotenberg/v8
High
1 day ago
Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes
go
github.com/gotenberg/gotenberg/v8
High
1 day ago
Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename
go
github.com/gotenberg/gotenberg/v8
High
2 days ago
Arcane Has an Authenticated Arbitrary Host File Read via Docker Compose Include Directives
go
github.com/getarcaneapp/arcane/backend
Moderate
2 days ago
OpenBao's Kerberos Auth Method Accumulates Unaccessible Tokens
go
github.com/openbao/openbao
Moderate
2 days ago
OpenBao's Inline Auth Incorrectly Redacted Headers
go
github.com/openbao/openbao
High
2 days ago
OpenBao's cross-namespace lease revocation via legacy sys/revoke path bypasses ACL
go
github.com/openbao/openbao
Low
2 days ago
opentelemetry-go's Schema ParseFile leaks file descriptors on each parse
go
go.opentelemetry.io/otel/schema/v1.0, go.opentelemetry.io/otel/schema/v1.1
Moderate
2 days ago
opentelemetry-go's baggage parsing no longer caps raw header length
go
go.opentelemetry.io/otel/propagation, go.opentelemetry.io/otel/baggage
Moderate
2 days ago
Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability
go
github.com/projectcapsule/capsule
High
3 days ago
Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs
go
github.com/kata-containers/kata-containers
High
3 days ago
CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests
go
github.com/crowdsecurity/crowdsec
Moderate
3 days ago
CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression
go
github.com/crowdsecurity/crowdsec
Moderate
4 days ago
Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations
go
github.com/kata-containers/kata-containers
Moderate
8 days ago
Nezha Monitoring: Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members
go
github.com/nezhahq/nezha
Critical
8 days ago
Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron
go
github.com/nezhahq/nezha
High
8 days ago
Arcane: Missing admin authorization on global variables endpoint
go
github.com/getarcaneapp/arcane/backend
Moderate
8 days ago
Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check)
go
github.com/nezhahq/nezha
High
8 days ago
Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification
go
github.com/nezhahq/nezha
Critical
8 days ago
FileBrowser Quantum: Path traversal in public share PATCH allows file ops outside shared directory
go
github.com/gtsteffaniak/filebrowser/backend
Critical
9 days ago
Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host
go, npm, cargo, pypi
github.com/boxlite-ai/boxlite/sdks/go, @boxlite-ai/boxlite, boxlite, boxlite-cli
Critical
9 days ago
BoxLite: Permission Bypass Allows Modification of Read-Only Files
cargo, go, npm, pypi
boxlite-cli, boxlite, github.com/boxlite-ai/boxlite/sdks/go, @boxlite-ai/boxlite
High
9 days ago
containerd user ID handling bypass allows runAsNonRoot evasion
go
github.com/containerd/containerd/v2, github.com/containerd/containerd
Low
9 days ago
SpiceDB: Caveat structures with nested lists can result in improper cache reuse
go
github.com/authzed/spicedb
Moderate
9 days ago
Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables
go
github.com/fission/fission
High
9 days ago
Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide secret / configmap read
go
github.com/fission/fission
Critical
9 days ago
Fission router exposes /fission-function/<ns>/<name> on its public listener, allowing invocation of any function without an HTTPTrigger
go
github.com/fission/fission
High
9 days ago
Fission StorageSvc /v1/archive endpoint exposes unauthenticated CRUD over all function archives
go
github.com/fission/fission
Low
9 days ago
androidqf: APK download Path Traversal in device APK paths
go
github.com/mvt-project/androidqf
Low
9 days ago
androidqf: Zip entry Name Injection in APK bundle (Zip Slip for zip consumers)
go
github.com/mvt-project/androidqf
Moderate
9 days ago
Klever-Go KVM read-only execution can commit contract delete and upgrade side effects
go
github.com/klever-io/klever-go
Low
10 days ago
OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server
go
github.com/opentofu/opentofu
Moderate
10 days ago
Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *
go
github.com/xyproto/algernon
Moderate
10 days ago
Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS
go
github.com/xyproto/algernon
High
11 days ago
FileBrowser Quantum: unauthenticated user share share info
go
github.com/gtsteffaniak/filebrowser, github.com/gtsteffaniak/filebrowser/backend
High
11 days ago
Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal
go
github.com/tomwright/dasel/v3
High
11 days ago
Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string
go
github.com/tomwright/dasel/v3
Critical
11 days ago
Coder: PKCS#7 signature bypass in Azure instance identity allows unauthenticated agent token theft
go
github.com/coder/coder, github.com/coder/coder/v2
Moderate
11 days ago
Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint
go
github.com/coder/coder, github.com/coder/coder/v2
Critical
11 days ago
MCP Gateway: Authority-injection and JWT/session bypass via the unauthenticated router hair-pin "router-key" / "mcp-init-host" path
go
github.com/Kuadrant/mcp-gateway
Low
11 days ago
GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection
go
github.com/cli/cli, github.com/cli/cli/v2
Moderate
11 days ago
Caddy: Remote Admin Authorization Bypass on PKI Endpoints via Prefix-Based Path Matching
go
github.com/caddyserver/caddy/v2
Moderate
11 days ago
Kong Ingress Controller for Kubernetes (KIC): Cross-namespace TLS Secret Exfiltration in Gateways with GatewayClass missing `konghq.com/gatewayclass-unmanaged: 'true'` annotation
go
github.com/kong/kubernetes-ingress-controller, github.com/kong/kubernetes-ingress-controller/v2, github.com/kong/kubernetes-ingress-controller/v3
Moderate
11 days ago
Kong Ingress Controller for Kubernetes (KIC): Secret-backed plugin configurations leak through non-sensitive diagnostics endpoint
go
github.com/kong/kubernetes-ingress-controller, github.com/kong/kubernetes-ingress-controller/v2, github.com/kong/kubernetes-ingress-controller/v3
Moderate
11 days ago
Envoy AI Proxy - MCP Message Smuggling Vulnerability
go
github.com/envoyproxy/ai-gateway
High
11 days ago
Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation
go
github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd/v3
Moderate
11 days ago
Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotations
go
github.com/argoproj/argo-cd/v3
High
11 days ago
Mailpit: Unauthenticated remote memory-exhaustion DoS via unlimited SMTP DATA and /api/v1/send body sizes
go
github.com/axllent/mailpit
Moderate
11 days ago
Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)
go
github.com/axllent/mailpit
Moderate
11 days ago
Mailpit: Path traversal & arbitrary file write in mailpit dump --http via attacker-controlled message IDs
go
github.com/axllent/mailpit
Moderate
11 days ago
Mailpit has an incomplete fix for GHSA-6jxm: HTML check still permits SSRF to private/loopback/IMDS via missing IP-filter dialer
go
github.com/axllent/mailpit
Moderate
11 days ago
Caddy: Remote Admin Authorization Bypass in `/config` API via Array Index Normalization
go
github.com/caddyserver/caddy/v2
Low
11 days ago
MCP Registry: OCI validator skips ownership check on upstream rate limits
go
github.com/modelcontextprotocol/registry
High
11 days ago
zrok copy writes attacker-controlled WebDAV paths outside the destination root
go
github.com/openziti/zrok, github.com/openziti/zrok/v2
Moderate
11 days ago
go-git: Crafted repositories may modify main and submodule .git directories
go
github.com/go-git/go-git, github.com/go-git/go-git/v6, github.com/go-git/go-git/v5
Low
11 days ago
go-git: Improper single-quote escaping in go-git SSH transport
go
github.com/go-git/go-git, github.com/go-git/go-git/v6, github.com/go-git/go-git/v5
Moderate
12 days ago
Algernon: Auto-refresh SSE event server binds to all interfaces with Access-Control-Allow-Origin: * and no authentication
go
github.com/xyproto/algernon
Critical
12 days ago
Algernon: handler.lua discovery walks parent directories above the server root
go
github.com/xyproto/algernon
High
12 days ago
Algernon: Single-file mode unconditionally enables debug mode
go
github.com/xyproto/algernon
High
12 days ago
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI
go
go.opentelemetry.io/obi
High
12 days ago
OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: CappedConcurrentHashMap leaks keys after removals
go
go.opentelemetry.io/obi
Low
12 days ago
OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU
go
go.opentelemetry.io/obi
High
12 days ago
OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: Redis error text is exported in span status messages
go
go.opentelemetry.io/obi
Moderate
12 days ago
OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent
go
go.opentelemetry.io/obi
High
12 days ago
Docker: Race condition in docker cp allows bind mount redirection to host path
go
github.com/moby/moby, github.com/moby/moby/v2, github.com/docker/docker
Moderate
12 days ago
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
go
github.com/moby/moby, github.com/moby/moby/v2, github.com/docker/docker
High
12 days ago
Docker: `PUT /containers/{id}/archive` executes container binary on the host
go
github.com/moby/moby, github.com/docker/docker, github.com/moby/moby/v2
High
12 days ago
TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection
go
github.com/DatanoiseTV/tinyice
High
12 days ago
Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)
go
github.com/amir20/dozzle
High
13 days ago
Arcane Backend: Unauthenticated reflected XSS via SVG color parameter enables admin account takeover
go
github.com/getarcaneapp/arcane/backend
Moderate
13 days ago
Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter
go
github.com/getarcaneapp/arcane/backend
Critical
13 days ago
Arcane Backend: Missing admin authorization on git repository endpoints allows non-admin users to exfiltrate stored Git credentials and tamper with GitOps configs
go
github.com/getarcaneapp/arcane/backend
High
13 days ago
Caddy: Unsafe Unicode Handling in FastCGI splitPos Allows Execution of Non-PHP Files
go
github.com/caddyserver/caddy/v2
High
13 days ago
iskorotkov/avro: Denial-of-Service Vulnerability in Decoder
go
github.com/iskorotkov/avro/v2
Low
13 days ago
AMF Vulnerable to Improper Resource Shutdown or Release
go
github.com/omec-project/amf
Low
13 days ago
AMF Improperly Restricts Operations within the Bounds of a Memory Buffer
go
github.com/omec-project/amf
Low
13 days ago
AMF Improperly Restricts Operations within the Bounds of a Memory Buffer
go
github.com/omec-project/amf
Low
13 days ago
AMF Vulnerable to Improper Resource Shutdown or Release
go
github.com/omec-project/amf
Low
13 days ago
AMF Vulnerable to Improper Resource Shutdown or Release
go
github.com/omec-project/amf
Moderate
15 days ago
Mattermost doesn't validate the response body of proxied images
go
github.com/mattermost/mattermost-server
Filter by Severity
Filter by Package
github.com/mattermost/mattermost/server/v8
182
github.com/mattermost/mattermost-server
152
github.com/usememos/memos
75
github.com/grafana/grafana
60
github.com/rancher/rancher
58
github.com/hashicorp/vault
55
gogs.io/gogs
51
github.com/siyuan-note/siyuan/kernel
51
k8s.io/kubernetes
42
github.com/traefik/traefik/v2
42
github.com/mattermost/mattermost-server/v6
38
github.com/argoproj/argo-cd/v2
37
github.com/traefik/traefik/v3
37
github.com/cilium/cilium
35
github.com/hashicorp/nomad
34
github.com/answerdev/answer
34
code.vikunja.io/api
33
github.com/docker/docker
33
github.com/zitadel/zitadel
33
code.gitea.io/gitea
33
github.com/hashicorp/consul
32
github.com/argoproj/argo-cd
31
github.com/nats-io/nats-server/v2
27
github.com/filebrowser/filebrowser/v2
27
github.com/ethereum/go-ethereum
26
github.com/fleetdm/fleet/v4
24
github.com/openfga/openfga
23
github.com/goharbor/harbor
23
github.com/openbao/openbao
22
github.com/traefik/traefik
22
github.com/kyverno/kyverno
21
helm.sh/helm/v3
21
github.com/go-gitea/gitea
19
github.com/gotenberg/gotenberg/v8
19
github.com/juju/juju
19
golang.org/x/net
18
github.com/containerd/containerd
18
github.com/1Panel-dev/1Panel
17
k8s.io/ingress-nginx
17
github.com/ollama/ollama
16
github.com/0xJacky/Nginx-UI
16
github.com/opencontainers/runc
16
github.com/coredns/coredns
16
github.com/authzed/spicedb
15
github.com/zitadel/zitadel/v2
15
github.com/minio/minio
15
kubevirt.io/kubevirt
15
github.com/mattermost/mattermost-plugin-confluence
14
github.com/ellanetworks/core
14
github.com/canonical/lxd
14
github.com/argoproj/argo-workflows/v3
14
github.com/cosmos/cosmos-sdk
13
github.com/cri-o/cri-o
13
github.com/OliveTin/OliveTin
13
github.com/moby/moby
13
github.com/caddyserver/caddy/v2
12
github.com/pterodactyl/wings
12
github.com/lin-snow/ech0
12
golang.org/x/crypto
12
github.com/casdoor/casdoor
12
github.com/go-git/go-git/v5
12
github.com/treeverse/lakefs
11
go.etcd.io/etcd/v3
11
github.com/dragonflyoss/dragonfly
11
go.opentelemetry.io/obi
11
github.com/containers/podman/v4
11
github.com/pomerium/pomerium
11
github.com/envoyproxy/envoy
11
github.com/patrickhener/goshs
11
github.com/navidrome/navidrome
11
github.com/gravitl/netmaker
11
github.com/bishopfox/sliver
11
github.com/cometbft/cometbft
11
github.com/cloudflare/cfrpki
11
github.com/hashicorp/go-getter
10
github.com/gofiber/fiber/v2
10
github.com/lxc/incus/v6/cmd/incusd
10
github.com/charmbracelet/soft-serve
10
istio.io/istio
10
github.com/filebrowser/filebrowser
10
github.com/Tencent/WeKnora
10
github.com/greenpau/caddy-security
10
github.com/beego/beego/v2
10
github.com/forceu/gokapi
10
github.com/oauth2-proxy/oauth2-proxy/v7
9
github.com/esm-dev/esm.sh
9
github.com/argoproj/argo-cd/v3
9
github.com/portainer/portainer
9
github.com/apache/incubator-answer
9
github.com/kubernetes/kubernetes
9
github.com/axllent/mailpit
9
github.com/sylabs/singularity
9
github.com/getarcaneapp/arcane/backend
8
github.com/free5gc/udr
8
github.com/kubeedge/kubeedge
8
go.etcd.io/etcd
8
github.com/beego/beego
8
github.com/containers/buildah
8
github.com/consensys/gnark
8
github.com/tektoncd/pipeline
8
github.com/mattermost/mattermost-server/v5
8
github.com/stacklok/minder
8
github.com/argoproj/argo-workflows/v4
8
chainguard.dev/melange
8
github.com/lxc/incus/v6
8
github.com/neuvector/neuvector
8
github.com/moby/buildkit
7
github.com/containers/podman/v5
7
github.com/QuantumNous/new-api
7
github.com/edgelesssys/contrast
7
github.com/alist-org/alist/v3
7
github.com/free5gc/nef
7
www.velocidex.com/golang/velociraptor
7
github.com/quic-go/quic-go
7
github.com/google/fscrypt
7
github.com/coder/coder/v2
7
github.com/xyproto/algernon
7
github.com/mattermost/mattermost
7
chainguard.dev/apko
7
github.com/sigstore/cosign
7
github.com/osrg/gobgp/v4
7
github.com/gophish/gophish
7
github.com/hyperledger/fabric
7
github.com/drakkan/sftpgo/v2
7
github.com/free5gc/udm
7
github.com/enchant97/note-mark/backend
7
github.com/lf-edge/eve
7
github.com/russellhaering/gosaml2
6
github.com/apache/trafficcontrol
6
helm.sh/helm
6
github.com/authelia/authelia/v4
6
github.com/ory/oathkeeper
6
github.com/cubefs/cubefs
6
goauthentik.io
6
github.com/opentofu/opentofu
6
github.com/omec-project/amf
6
github.com/open-policy-agent/opa
6
github.com/russellhaering/goxmldsig
6
github.com/prometheus/prometheus
6
github.com/foxcpp/maddy
6
github.com/dgraph-io/dgraph
6
github.com/cli/cli/v2
6
github.com/fluxcd/flux2
6
go.temporal.io/server
6
github.com/lf-edge/ekuiper/v2
6
github.com/pion/dtls/v2
6
github.com/patrickhener/goshs/v2
6
github.com/containerd/containerd/v2
6
github.com/nezhahq/nezha
5
github.com/oauth2-proxy/oauth2-proxy
5
github.com/git-lfs/git-lfs
5
github.com/dgraph-io/dgraph/v25
5
github.com/dgraph-io/dgraph/v24
5
github.com/ipfs/go-ipfs
5
github.com/hashicorp/boundary
5
github.com/lin-snow/Ech0
5
github.com/fluxcd/kustomize-controller
5
github.com/bnb-chain/tss-lib
5
github.com/gofiber/fiber/v3
5
github.com/kiali/kiali
5
github.com/t2bot/matrix-media-repo
5
github.com/snapcore/snapd
5
miniflux.app/v2
5
github.com/owncast/owncast
5
github.com/moby/moby/v2
5
github.com/containers/podman/v3
5
github.com/KubeOperator/kubepi
5
github.com/external-secrets/external-secrets
5
github.com/schollz/croc/v9
5
github.com/elastic/beats/v7
5
github.com/projectdiscovery/nuclei/v3
5
github.com/osrg/gobgp/v3
5
github.com/gin-gonic/gin
5
github.com/openziti/zrok/v2
5
golang.org/x/image
5
github.com/modelcontextprotocol/registry
5
github.com/lf-edge/ekuiper
5
github.com/openziti/zrok
5
github.com/pion/dtls
5
vitess.io/vitess
5
github.com/gohugoio/hugo
5
github.com/projectcapsule/capsule
5
github.com/free5gc/pcf
5
github.com/go-git/go-git/v6
5
github.com/IBAX-io/go-ibax
5
github.com/tendermint/tendermint
5
github.com/cheqd/cheqd-node
5
github.com/CosmWasm/wasmd
5
github.com/free5gc/amf
5
github.com/gtsteffaniak/filebrowser/backend
5
github.com/mattermost/mattermost-plugin-msteams
4
github.com/knadh/listmonk
4
github.com/fission/fission
4
github.com/concourse/concourse
4
github.com/CosmWasm/wasmvm
4
github.com/ory/fosite
4
github.com/kubewarden/kubewarden-controller
4
github.com/CosmWasm/wasmvm/v2
4
github.com/oxia-db/oxia
4
github.com/lightningnetwork/lnd
4
Filter by Repository
https://github.com/usememos/memos
68
https://github.com/kubernetes/kubernetes
65
https://github.com/mattermost/mattermost
59
https://github.com/argoproj/argo-cd
50
https://github.com/rancher/rancher
46
https://github.com/grafana/grafana
46
https://github.com/answerdev/answer
34
https://github.com/go-gitea/gitea
32
https://github.com/cilium/cilium
31
https://github.com/gogs/gogs
28
https://github.com/zitadel/zitadel
26
https://github.com/traefik/traefik
25
https://github.com/hashicorp/consul
24
https://github.com/moby/moby
23
https://github.com/helm/helm
22
https://github.com/goharbor/harbor
21
https://github.com/hashicorp/vault
21
https://github.com/containerd/containerd
19
https://github.com/openfga/openfga
17
https://github.com/ethereum/go-ethereum
17
https://github.com/hashicorp/nomad
16
https://github.com/etcd-io/etcd
16
https://github.com/opencontainers/runc
15
https://github.com/golang/go
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/containers/podman
14
https://github.com/1Panel-dev/1Panel
13
https://github.com/openbao/openbao
13
https://github.com/nats-io/nats-server
12
https://github.com/cri-o/cri-o
11
https://github.com/dragonflyoss/dragonfly
11
https://github.com/filebrowser/filebrowser
11
https://github.com/cloudflare/cfrpki
11
https://github.com/kubevirt/kubevirt
11
https://github.com/cometbft/cometbft
11
https://github.com/beego/beego
11
https://github.com/pomerium/pomerium
11
https://github.com/kyverno/kyverno
10
https://github.com/greenpau/caddy-security
10
https://github.com/authzed/spicedb
10
https://github.com/canonical/lxd
10
https://github.com/argoproj/argo-workflows
9
https://github.com/casdoor/casdoor
9
https://github.com/treeverse/lakeFS
9
https://github.com/hashicorp/go-getter
9
https://github.com/juju/juju
9
https://github.com/Consensys/gnark
8
https://github.com/istio/istio
8
https://github.com/stacklok/minder
8
https://github.com/docker/docker
8
https://github.com/pterodactyl/wings
8
https://github.com/minio/minio
8
https://github.com/gofiber/fiber
8
https://github.com/navidrome/navidrome
8
https://github.com/kubeedge/kubeedge
8
https://github.com/containers/buildah
8
https://github.com/hpcng/singularity
7
https://github.com/ollama/ollama
7
https://github.com/hyperledger/fabric
7
https://github.com/kubernetes/ingress-nginx
7
https://github.com/evmos/evmos
7
https://github.com/google/fscrypt
7
https://github.com/neuvector/neuvector
7
https://github.com/drakkan/sftpgo
6
https://github.com/quic-go/quic-go
6
https://github.com/cubefs/cubefs
6
https://github.com/coredns/coredns
6
https://github.com/fluxcd/flux2
6
https://github.com/schollz/croc
6
https://github.com/oauth2-proxy/oauth2-proxy
6
https://github.com/git-lfs/git-lfs
6
https://github.com/moby/buildkit
6
https://github.com/lf-edge/ekuiper
6
https://github.com/charmbracelet/soft-serve
6
https://github.com/open-policy-agent/opa
6
https://github.com/sigstore/cosign
6
https://github.com/pion/dtls
6
https://github.com/gravitl/netmaker
6
https://github.com/0xJacky/nginx-ui
5
https://github.com/cheqd/cheqd-node
5
https://github.com/t2bot/matrix-media-repo
5
https://github.com/ipfs/go-ipfs
5
https://github.com/free5gc/free5gc
5
https://github.com/crewjam/saml
5
https://github.com/cli/cli
5
https://github.com/osrg/gobgp
5
https://github.com/tendermint/tendermint
5
https://github.com/foxcpp/maddy
5
https://github.com/gophish/gophish
5
https://github.com/CosmWasm/wasmd
5
https://github.com/siyuan-note/siyuan
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/edgelesssys/contrast
5
https://github.com/grafana/bugbounty
4
https://github.com/golang/crypto
4
https://github.com/authelia/authelia
4
https://github.com/russellhaering/gosaml2
4
https://github.com/woodpecker-ci/woodpecker
4
https://github.com/arduino/arduino-create-agent
4
https://github.com/crossplane/crossplane
4
https://github.com/projectdiscovery/nuclei
4
https://github.com/babylonlabs-io/babylon
4
https://github.com/tidwall/gjson
4
https://github.com/BishopFox/sliver
4
https://github.com/owncast/owncast
4
https://github.com/containous/traefik
4
https://github.com/alist-org/alist
4
https://github.com/coder/coder
4
https://github.com/cosmos/ibc-go
4
https://github.com/edgelesssys/constellation
4
https://github.com/notaryproject/notation-go
4
https://github.com/meshery/meshery
4
https://github.com/envoyproxy/envoy
4
https://github.com/ory/fosite
4
https://github.com/go-git/go-git
4
https://github.com/vitessio/vitess
4
https://github.com/concourse/concourse
4
https://github.com/apache/trafficcontrol
4
https://github.com/gin-gonic/gin
4
https://github.com/IceWhaleTech/CasaOS-UserService
4
https://github.com/snapcore/snapd
4
https://github.com/dexidp/dex
4
https://github.com/CosmWasm/wasmvm
4
https://github.com/dhowden/tag
4
https://github.com/lestrrat-go/jwx
4
https://github.com/chaos-mesh/chaos-mesh
4
https://github.com/siderolabs/talos
4
https://github.com/go-vela/server
4
https://github.com/mholt/archiver
3
https://github.com/cortexproject/cortex
3
https://github.com/syncthing/syncthing
3
https://github.com/go-jose/go-jose
3
https://github.com/mattermost/mattermost-plugin-playbooks
3
https://github.com/temporalio/temporal
3
https://github.com/runatlantis/atlantis
3
https://github.com/NVIDIA/gpu-operator
3
https://github.com/ipfs/boxo
3
https://github.com/karmada-io/karmada
3
https://github.com/ubuntu/authd
3
https://github.com/tiagorlampert/CHAOS
3
https://github.com/heketi/heketi
3
https://github.com/ElrondNetwork/elrond-go
3
https://github.com/phachon/mm-wiki
3
https://github.com/miniflux/v2
3
https://github.com/artifacthub/hub
3
https://github.com/Consensys/gnark-crypto
3
https://github.com/apache/incubator-answer
3
https://github.com/go-yaml/yaml
3
https://github.com/gogits/gogs
3
https://github.com/KubeOperator/KubePi
3
https://github.com/caddyserver/caddy
3
https://github.com/openshift/origin
3
https://github.com/moby/libnetwork
3
https://github.com/plentico/plenti
3
https://github.com/ctfer-io/chall-manager
3
https://github.com/kcp-dev/kcp
3
https://github.com/sylabs/singularity
3
https://github.com/dutchcoders/transfer.sh
3
https://github.com/flyteorg/flyteadmin
3
https://github.com/imgproxy/imgproxy
3
https://github.com/clidey/whodb
3
https://github.com/aws/aws-sdk-go
3
https://github.com/libp2p/go-libp2p
3
https://github.com/distribution/distribution
3
https://github.com/AlexxIT/go2rtc
3
https://github.com/ory/oathkeeper
3
https://github.com/u-root/u-root
3
https://github.com/siderolabs/omni
3
https://github.com/open-telemetry/opentelemetry-go-contrib
3
https://github.com/edgelesssys/marblerun
3
https://github.com/lightningnetwork/lnd
3
https://github.com/gohugoio/hugo
3
https://github.com/cloudflare/circl
3
https://github.com/argoproj/argo-events
3
https://github.com/mattermost/mattermost-plugin-boards
3
https://github.com/square/go-jose
3
https://github.com/SpectoLabs/hoverfly
3
https://github.com/theupdateframework/go-tuf
3
https://github.com/tailscale/tailscale
3
https://github.com/flipped-aurora/gin-vue-admin
3
https://github.com/project-zot/zot
3
https://github.com/mudler/localai
3
https://github.com/nats-io/jwt
3
https://github.com/kubernetes-sigs/secrets-store-csi-driver
3
https://github.com/metal3-io/baremetal-operator
3
https://github.com/pingcap/tidb
3
https://github.com/fleetdm/fleet
3
https://github.com/kiali/kiali
3
https://github.com/weaveworks/weave-gitops
3
https://github.com/IoFinnet/tss-lib
3
https://github.com/goauthentik/authentik
3
https://github.com/go-viper/mapstructure
2
https://github.com/containers/libpod
2
https://github.com/bitly/oauth2_proxy
2
https://github.com/projectcalico/calico
2
https://github.com/fkie-cad/yapscan
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/netlify/gotrue
2
https://github.com/knadh/listmonk
2