VYPR

Go modules package

github.com/dunglas/mercure

pkg:golang/github.com/dunglas/mercure

Vulnerabilities (1)

  • CVE-2026-39972HigApr 9, 2026
    affected < 0.22.0fixed 0.22.0

    Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to