github.com/SpectoLabs/hoverfly vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-50018Mediumgithub.com/SpectoLabs/hoverfly: Hoverfly: Denial of Service via Goroutine Leak in Remote Post-Serve ActionsCVE-2026-50013Highgithub.com/SpectoLabs/hoverfly: Hoverfly: Process Crash via Concurrent Map Write Race Condition in Diff ModeCVE-2025-54376Highgithub.com/SpectoLabs/hoverfly: WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabledCVE-2025-54123Criticalgithub.com/SpectoLabs/hoverfly: Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementationCVE-2024-45388Highgithub.com/spectolabs/hoverfly: Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`)

Stop the waste.
Protect your environment with Kodem.