Every CVE whose affected-product data names Labstack Echo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-40083 — CVSS 9.6 (critical): Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be…
CVE-2020-36565 — CVSS 5.3 (medium): Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read…
CVE-2026-25766 — CVSS 5.3 (medium): Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s `middleware.Static` using the default filesystem allows…