Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

fiber — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in fiber, with AI-generated Chinese analysis, references, and POCs.

This page documents Common Weakness Enumerations associated with the Fiber vendor product category, specifically focusing on network infrastructure vulnerabilities. It aggregates a comprehensive collection of security flaws, ranging from remote code execution and privilege escalation to information disclosure and denial of service issues affecting Fiber optical networking equipment and management software. The database covers vulnerability reports and advisories issued between January 2015 and present day, ensuring a broad historical perspective on emerging threats in the fiber optic sector. Visitors to this resource can track vendor-specific security advisories to stay informed about patch releases and mitigation strategies for critical infrastructure components. Users may also explore detailed analyses of specific weakness classes to understand the underlying technical causes and potential attack vectors prevalent in modern fiber networks. Additionally, the page provides a detailed look-up function for product vulnerability history, allowing security professionals to review the evolution of security issues within specific device models over time. This structured approach aids in risk assessment, compliance auditing, and the development of robust security policies for organizations relying on fiber connectivity. The content is curated to support technical teams in identifying, prioritizing, and remediating security gaps without overwhelming them with unstructured data. By centralizing these insights, the platform facilitates a clearer understanding of the threat landscape unique to fiber optic technologies and supports proactive defense mechanisms against known exploit patterns.

Vendor: gofiber

CVE IDTitleCVSSSeverityPublished
CVE-2026-44332 Fiber: Username Enumeration via Timing Oracle in BasicAuth Default Authorizer CWE-203 5.3 Medium2026-07-08
CVE-2026-53624 Fiber: HSTS header never set in helmet middleware due to incorrect protocol check CWE-319 4.8 Medium2026-07-08
CVE-2026-45045 Fiber: X-Real-IP Spoofing via Header.Add() in BalancerForward CWE-290 5.3 Medium2026-07-08
CVE-2026-42554 Fiber: XSS in AutoFormat Content Negotiation CWE-79--2026-05-11
CVE-2026-30246 github.com/gofiber/fiber/v3 cache middleware can mix responses across query parameters CWE-436 6.5 Medium2026-05-05
CVE-2026-25899 Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation CWE-789 7.5 High2026-02-24
CVE-2026-25891 Fiber has an Arbitrary File Read in Static Middleware on Windows CWE-22 7.5AIHighAI2026-02-24
CVE-2026-25882 Fiber has a Denial of Service Vulnerability via Route Parameter Overflow CWE-129 7.5AIHighAI2026-02-24
CVE-2025-66630 Fiber insecurely fallsback in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure CWE-338 9.1AICriticalAI2026-02-09
CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder CWE-789 7.5AIHighAI2025-08-05
CVE-2025-48075 Fiber panics when fiber.Ctx.BodyParser parses invalid range index CWE-129 7.5AIHighAI2025-05-22
CVE-2024-38513 Fiber Session Middleware Token Injection Vulnerability CWE-384 10.0 Critical2024-07-01
CVE-2024-25124 Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials CWE-346 9.4 Critical2024-02-21
CVE-2023-45141 CSRF Token Validation Vulnerability in fiber CWE-352 8.6 High2023-10-16
CVE-2023-45128 CSRF Token Reuse Vulnerability in fiber CWE-20 10.0 Critical2023-10-16
CVE-2023-41338 Vulnerability in Ctx.IsFromLocal() in gofiber CWE-670 5.3 Medium2023-09-08
CVE-2020-15111 CRLF vulnerability in Fiber CWE-74 4.2 Medium2020-07-20

All 17 known CVE vulnerabilities affecting fiber with full Chinese analysis, references, and POCs where available.