- Partners
- Docs
- Compare Open Source VS Enterprise
- Contact Sales
- Downloads
I've chosen KrakenD because of its simplicity, statelessness, immutability, and performance.
Fabijan Bajo
Tech Lead Cloud Infrastructure / IBM
I've chosen KrakenD because of its simplicity, statelessness, immutability, and performance.
Fabijan Bajo
Tech Lead Cloud Infrastructure / IBM
CVE-2026-27140
Medium
· CVSS 5.3
False Positivecmd/go). KrakenD
distributes pre-compiled binaries and does not invoke go build at runtime.
End users running KrakenD as a gateway are not affected.Addressed through routine dependency maintenance in CE 2.13.4 and EE 2.13.2.
Component
Go standard library (cmd/go)
Disclosed
Apr 8, 2026
CVSS Score
5.3
cmd/go build tool trust layer can be bypassed when a project uses both cgo
and SWIG together. This may allow untrusted code to be executed at build time during
a go build invocation, affecting the security of the resulting binary.Stay up to date with KrakenD releases and important updates