Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-35393

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.0.0-beta.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.2%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-35393
  • Goshs » Goshs » Version: Any
    cpe:2.3:a:goshs:goshs:*
  • Goshs » Goshs » Version: 2.0.0
    cpe:2.3:a:goshs:goshs:2.0.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved