Approved changes feed: RSS · Atom

cpe:2.3:a:akinloluwami:outray:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAkinloluwami (1d5034cb-9d62-5c2f-b9ac-a09c781b2a4c)
ProductOutray (afe0e08f-f0e6-58ec-8c29-2648fde22b26)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-22820 vulnerable 2026-06-08 07:51:13.998475 Outray cli is vulnerable to race conditions in tunnels creation
Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fixed in 0.1.5.
Published: 2026-01-14T15:06:51.127Z
Updated: 2026-01-14T15:19:46.837Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-22819 vulnerable 2026-06-08 07:51:13.997325 Outray has a Race Condition in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts
MEDIUM (5.9)
Outray openSource ngrok alternative. Prior to 0.1.5, this vulnerability allows a user i.e a free plan user to get more than the desired subdomains due to lack of db transaction lock mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. This vulnerability is fixed in 0.1.5.
Published: 2026-01-14T18:04:33.426Z
Updated: 2026-01-14T21:13:36.389Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.