- Partners
- Docs
- Compare Open Source VS Enterprise
- Contact Sales
- Downloads
I've chosen KrakenD because of its simplicity, statelessness, immutability, and performance.
Fabijan Bajo
Tech Lead Cloud Infrastructure / IBM
I've chosen KrakenD because of its simplicity, statelessness, immutability, and performance.
Fabijan Bajo
Tech Lead Cloud Infrastructure / IBM
CVE-2026-25681
Medium
False Positivegolang.org/x/net/html to parse or
render HTML content from user requests. The vulnerable HTML parsing code path is
never invoked during KrakenD operation.Addressed through routine dependency maintenance in CE 2.13.6 and EE 2.13.4.
Component
golang.org/x/net (html)
Disclosed
May 26, 2026
golang.org/x/net/html package incorrectly handles character references
within DOCTYPE nodes, potentially allowing cross-site scripting through malformed
DOCTYPE declarations in parsed HTML content.Stay up to date with KrakenD releases and important updates