Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-65754
CVE-2025-65754
Cross Site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename.
Published Dec 11, 2025
https://github.com/advisories/GHSA-8jqm-8qm3-qgqm
CVSS Score
Medium
5.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
golang
github.com/xyproto/algernon
v1.13.0
golang
github.com/xyproto/algernon
v1.14.0
golang
github.com/xyproto/algernon
v1.15.0
golang
github.com/xyproto/algernon
v1.15.1
golang
github.com/xyproto/algernon
v1.15.2
golang
github.com/xyproto/algernon
v1.15.3
golang
github.com/xyproto/algernon
v1.15.4
golang
github.com/xyproto/algernon
v1.15.5
golang
github.com/xyproto/algernon
v1.16.0
golang
github.com/xyproto/algernon
v1.17.0
golang
github.com/xyproto/algernon
v1.17.1
golang
github.com/xyproto/algernon
v1.17.2
golang
github.com/xyproto/algernon
v1.17.3
golang
github.com/xyproto/algernon
v1.17.4
1-14 of 14
CVE-2025-65754 | Components Impacted | Sonatype Guide | Sonatype Guide
