CVE-2026-39817
Medium
False Positive
cmd/go). KrakenD
distributes pre-compiled binaries and does not invoke the Go toolchain at runtime.
End users running KrakenD as a gateway are not affected.
Addressed through routine dependency maintenance in CE 2.13.5 and EE 2.13.3.
Component
Go standard library (cmd/go)
Disclosed
May 11, 2026
The go tool pack command in cmd/go does not sanitize output path names, allowing
a maliciously crafted archive to write files to arbitrary locations outside the
intended output directory via path traversal sequences in archive entry names.
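The kind of entry-name check the description says is missing, as an added Go example (not code from the Go project or from KrakenD). `SafeOutputPath` and `ErrUnsafeEntry` are hypothetical names, the entry names are constructed, and symbolic links already present in the output directory are assumed absent.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"path/filepath"
	"strings"
)

// ErrUnsafeEntry is a hypothetical sentinel error for rejected entry names.
var ErrUnsafeEntry = errors.New("archive entry escapes output directory")

// SafeOutputPath maps an archive entry name to a path under outDir and
// refuses names that are empty, absolute, or that climb out via "..".
func SafeOutputPath(outDir, entry string) (string, error) {
	// Treat backslashes as separators so Windows-style names are caught too.
	name := strings.ReplaceAll(entry, `\`, "/")
	if name == "" || path.IsAbs(name) {
		return "", fmt.Errorf("%w: %q", ErrUnsafeEntry, entry)
	}
	// Clean collapses "a/../../b" to "../b", exposing any leading "..".
	clean := path.Clean(name)
	if clean == "." || clean == ".." || strings.HasPrefix(clean, "../") {
		return "", fmt.Errorf("%w: %q", ErrUnsafeEntry, entry)
	}
	base, err := filepath.Abs(outDir)
	if err != nil {
		return "", err
	}
	dest := filepath.Join(base, filepath.FromSlash(clean))
	// Second check: the joined path must still be relative to base.
	rel, err := filepath.Rel(base, dest)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q", ErrUnsafeEntry, entry)
	}
	return dest, nil
}

func main() {
	// Constructed entry names: one legitimate, four that must be rejected.
	entries := []string{"pkg/a.o", "../outside.o", "/abs/a.o", "a/../../b.o", `..\b.o`}
	for _, e := range entries {
		p, err := SafeOutputPath("out", e)
		fmt.Printf("%-16q -> %q err=%v\n", e, p, err)
	}
}
```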