GO-2025-3973 — Vulnetix

GO-2025-3973 PUBLISHED

DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly

Affected Products

Vendor	Product	Versions
github.com	dragonflyoss/dragonfly	0, 0
d7y.io	dragonfly/v2	0, 0

Timeline

Sep 24, 2025 CVE Published
Mar 3, 2026 CVE Updated
May 1, 2026 Security Advisory

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›