CVE-2026-32289
Medium · CVSS 5.3
False Positive
html/template package to generate
HTML or JavaScript responses. The vulnerable code path in html/template is never
invoked during normal KrakenD operation.
Addressed through routine dependency maintenance in CE 2.13.4 and EE 2.13.2.
Component: Go standard library (html/template)
Disclosed: Apr 8, 2026
CVSS Score: 5.3
html/template package incorrectly tracks JavaScript template literal context
in certain template patterns. Content that appears after a template action inside a
JS template literal may be treated as plain JavaScript rather than literal content,
potentially bypassing the package’s context-aware escaping and enabling cross-site
scripting in applications that render HTML.
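A first triage step for the assessment above that html/template is never invoked is to list which source files import the package at all. The following is an added example, not KrakenD or Go project code; the function `importersOf` and the file names and contents in `sampleTree` are constructed for illustration.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"sort"
	"strconv"
)

// affectedPkg is the component named in the advisory.
const affectedPkg = "html/template"

// importersOf parses only the import clauses of each source file and returns
// the sorted names of files that import pkg (plain, aliased, dot or blank).
func importersOf(pkg string, files map[string]string) ([]string, error) {
	fset := token.NewFileSet()
	var hits []string
	for name, src := range files {
		f, err := parser.ParseFile(fset, name, src, parser.ImportsOnly)
		if err != nil {
			return nil, fmt.Errorf("parse %s: %w", name, err)
		}
		for _, imp := range f.Imports {
			path, err := strconv.Unquote(imp.Path.Value)
			if err != nil {
				return nil, fmt.Errorf("%s: bad import path: %w", name, err)
			}
			if path == pkg { // text/template is a different package and does not match
				hits = append(hits, name)
				break
			}
		}
	}
	sort.Strings(hits)
	return hits, nil
}

// sampleTree is constructed input (hypothetical files), not KrakenD source code.
var sampleTree = map[string]string{
	"proxy/handler.go": "package proxy\nimport (\n\t\"encoding/json\"\n\t\"net/http\"\n)\n",
	"render/text.go":   "package render\nimport \"text/template\"\n",
	"admin/page.go":    "package admin\nimport tpl \"html/template\"\n",
}

func main() {
	hits, err := importersOf(affectedPkg, sampleTree)
	fmt.Println("files importing", affectedPkg+":", hits, err)
}
```

An import match is only a coarse filter: it shows where the package could be used, not whether the affected code path is reached. The Go project's govulncheck tool performs call-level analysis and is the stronger check for that.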