How severe is CVE-2026-22820?

The severity of CVE-2026-22820 has not been assessed with CVSS v3.

CVE-2026-22820

NONE

Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fi

Published: 1/14/2026Updated: 1/14/2026

Description

Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fixed in 0.1.5.

AI AnalysisPowered by AI

References

https://github.com/outray-tunnel/outray/commit/08c61495761349e7fd2965229c3faa8d7b1c1581
https://github.com/outray-tunnel/outray/security/advisories/GHSA-3pqc-836w-jgr7