Every CVE whose affected-product data names Forceu Gokapi, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2026-28683 — CVSS 8.7 (high): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, if a malicious…
CVE-2026-30955 — CVSS 6.5 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts…
CVE-2026-28682 — CVSS 6.4 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, the upload status SSE…
CVE-2025-48494 — CVSS 5.4 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. When using end-to-end encryption, a stored…
CVE-2025-48495 — CVSS 5.4 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. By renaming the friendly name of an API key…
CVE-2026-29061 — CVSS 5.4 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, a privilege…
CVE-2026-29060 — CVSS 5.0 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, a registered user…
CVE-2026-29084 — CVSS 4.6 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, the login flow…
CVE-2026-30961 — CVSS 4.3 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion…
CVE-2026-30943 — CVSS 4.1 (medium): Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization…