Vulnerability Report: GO-2026-5772
- CVE-2026-45721, GHSA-xwcr-wm99-g9jc
- Affects: github.com/xyproto/algernon
- Published: Jun 25, 2026
Algernon: handler.lua discovery walks parent directories above the server root in github.com/xyproto/algernon
For detailed information about this vulnerability, visit https://github.com/xyproto/algernon/security/advisories/GHSA-xwcr-wm99-g9jc.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/xyproto/algernon/security/advisories/GHSA-xwcr-wm99-g9jc
- https://vuln.go.dev/ID/GO-2026-5772.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.