- Partners
- Docs
- Compare Open Source VS Enterprise
- Contact Sales
- Downloads
It seems that KrakenD does not exist because it hasn't caused any problems so far and is really fast, as promised.
Celso Zavatti
Head of Technology / Ahgora Sistemas
It seems that KrakenD does not exist because it hasn't caused any problems so far and is really fast, as promised.
Celso Zavatti
Head of Technology / Ahgora Sistemas
CVE-2026-39833
Medium
False Positivegolang.org/x/crypto/ssh/agent package is a transitive dependency but its
code paths are never invoked during KrakenD operation. The dependency was
upgraded as a precaution.Addressed through routine dependency maintenance in CE 2.13.6 and EE 2.13.4.
Component
golang.org/x/crypto (SSH)
Disclosed
May 26, 2026
ConfirmBeforeUse key constraint in Go’s golang.org/x/crypto/ssh/agent
in-memory keyring is silently not enforced. Keys marked for confirmation before
use can be used without confirmation, undermining the intended access control.Stay up to date with KrakenD releases and important updates