Go/github.com/hahwul/dalfox/v2 — 5 CVEs

CRITICAL10.0CVE-2026-45087Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`

from 0, < 2.13.0

HIGH8.2CVE-2026-45089Dalfox Server Mode has an Unauthenticated Arbitrary File Create/Append via `output` Option

from 0, < 2.13.0

HIGH7.5CVE-2026-45090Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode) in github.com/hahwul/dalfox

from 0, < 2.13.0

HIGH7.5Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode) in github.com/hahwul/dalfox

from 0, < 2.13.0

HIGH7.5Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`

from 0, < 2.13.0

pkg:Go/github.com/hahwul/dalfox/v2

✅ Check your installed version

All known vulnerabilities