VYPR

Go modules package

github.com/antchfx/xpath

pkg:golang/github.com/antchfx/xpath

Vulnerabilities (1)

  • CVE-2026-32287HigMar 26, 2026
    affected < 1.3.6fixed 1.3.6

    Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true()".