| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6993 | go-kratos http.DefaultServeMux Fallback server.go NewServer confused deputy | go-kratos | kratos | Medium | 5.3 | 2026-04-25 18:30:16 | Deep Dive |
| CVE-2026-33503 | Ory Kratos has a SQL injection via forged pagination tokens | ory | kratos | High | 7.2 | 2026-03-26 17:32:16 | Deep Dive |
| CVE-2024-45042 | Ory Kratos's `highest_available` setting does not properly respect code + mfa credentials | ory | kratos | Medium | 4.4 | 2024-09-26 17:04:59 | Deep Dive |