VYPR

Go modules package

github.com/projectdiscovery/nuclei/v3

pkg:golang/github.com/projectdiscovery/nuclei/v3

Vulnerabilities (5)

  • CVE-2026-41646MedMay 8, 2026
    affected >= 3.0.0, < 3.8.0fixed 3.8.0

    Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's JavaScript protocol runtime allows JavaScript templates to read local .js and .json files through the require() function, bypassing the defa

  • CVE-2026-41645MedMay 8, 2026
    affected >= 3.0.0, < 3.8.0fixed 3.8.0

    Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's expression evaluation engine makes it possible for a malicious target server to inject and execute supported DSL expressions. This happens w

  • CVE-2024-43405Sep 4, 2024
    affected >= 3.0.0, < 3.3.2fixed 3.3.2

    Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code vi

  • CVE-2024-40641HigJul 17, 2024
    affected < 3.3.0fixed 3.3.0

    Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute wo

  • CVE-2024-27920Mar 15, 2024
    affected >= 3.0.0, < 3.2.0fixed 3.2.0

    projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects use