Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/siderolabs/omni

View on go registry
9 Total advisories
9 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 7.6
Go

CVE-2026-45726

Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService
HIGH 7.0
Go

CVE-2026-45720

Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token
LOW 2.7
Go

CVE-2026-45723

Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic
UNKNOWN
Go

CVE-2025-59836

Omni is Vulnerable to DoS via Empty Create/Update Resource Requests in github.com/siderolabs/omni
UNKNOWN
Go

CVE-2025-61688

Omni vulnerable to information leak via API in github.com/siderolabs/omni
UNKNOWN
Go

CVE-2025-59824

Omni Wireguard SideroLink potential escape in github.com/siderolabs/omni
HIGH 8.6
Go

CVE-2025-61688

Omni vulnerable to information leak via API
MEDIUM 5.3
Go

CVE-2025-59836

Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
UNKNOWN
Go

CVE-2025-59824

Omni Wireguard SideroLink potential escape

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes