VYPR

Go modules package

github.com/cloudreve/cloudreve/v4

pkg:golang/github.com/cloudreve/cloudreve/v4

Vulnerabilities (1)

  • CVE-2026-25726HigApr 3, 2026
    affected < 4.0.0-20260205113604-ec9fdd33bc54fixed 4.0.0-20260205113604-ec9fdd33bc54

    Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. Thes