{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T20:37:39.963","vulnerabilities":[{"cve":{"id":"CVE-2026-30955","sourceIdentifier":"security-advisories@github.com","published":"2026-03-13T19:54:35.740","lastModified":"2026-03-17T13:46:57.010","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is fixed in 2.2.4."},{"lang":"es","value":"Gokapi es un servidor para compartir archivos autoalojado con expiración automática y soporte de cifrado. Antes de la versión 2.2.4, un endpoint de API acepta cuerpos de solicitud ilimitados sin ningún límite de tamaño. Un usuario autenticado puede causar un OOM kill y una interrupción completa del servicio para todos los usuarios. Esta vulnerabilidad está corregida en la versión 2.2.4."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:forceu:gokapi:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.4","matchCriteriaId":"CE6F3F4D-D449-43DD-BB3D-86F98581926C"}]}]}],"references":[{"url":"https://github.com/Forceu/Gokapi/releases/tag/v2.2.4","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/Forceu/Gokapi/security/advisories/GHSA-qwc6-vc2v-2ggj","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}