Product
labstack echo
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-25766
CVE-2025-51741
CVE-2023-38817
CVE-2020-36565
CVE-2022-40083
CVE-2015-8007
CVE-2009-5135
>= 5.0.0 and < 5.0.3
Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s
middleware.Static using the default filesystemall versions
An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an unauthenticated attacker to cause the
< 5.2.1.0
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_dri
< 4.2.0
Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacke
all versions
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability
all versions
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to
<= 2.1.0
The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows remote attackers to read arbitrary files via a request conta