Security Advisory

CVE-2026-30955

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-13 19:07:55

Last updated 2026-03-13 19:39:58

Assigner GitHub_M

State PUBLISHED

Description

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is fixed in 2.2.4.

← Browse all CVEs View on cve.org ↗