pkg:Go/www.velocidex.com/golang/velociraptor

11 total CVEsCRITICAL1HIGH2MEDIUM8

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2026-6290Velociraptor vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token
    from 0, <= 0.76.2
  • HIGH8.8CVE-2023-0242Velociraptor vulnerable to Missing Authorization in www.velocidex.com/golang/velociraptor
    from 0, < 0.6.7-5
  • HIGH8.8CVE-2023-0242Velociraptor vulnerable to Missing Authorization in www.velocidex.com/golang/velociraptor
    from 0, < 0.6.7-5
  • MEDIUM6.8CVE-2026-6863Velocidex Velociraptor has an Incorrect Authorization issue
    from 0, < 0.76.4
  • MEDIUM6.8CVE-2026-6863Velocidex Velociraptor has an Incorrect Authorization issue
    from 0, < 0.76.4
  • MEDIUM5.0CVE-2026-7573Velocidex Velociraptor has an authorization bypass vulnerability
    from 0, < 0.76.5
  • MEDIUM4.7CVE-2025-6264Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor
    from 0, < 0.74.3
  • MEDIUM4.7CVE-2025-6264Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor
    from 0, < 0.74.3
  • MEDIUM4.4CVE-2026-7572Velocidex Velociraptor has an off-by-one error
    from 0, < 0.76.5
  • MEDIUM4.3CVE-2023-0290Velociraptor subject to Path Traversal in www.velocidex.com/golang/velociraptor
    from 0, < 0.6.7-5
  • MEDIUM4.3CVE-2023-0290Velociraptor subject to Path Traversal in www.velocidex.com/golang/velociraptor
    from 0, < 0.6.7-5