github.com/caddyserver/caddy/v2/modules/caddyhttp (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/caddyserver/caddy/v2/modules/caddyhttp, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2026-30852 — CVSS 7.5 (high): Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the vars_regexp matcher in…