CVE-2026-22820

Published January 14th, 2026

View on NVD ↗

CVSS v3

3.7

LOW

CVSS v2

N/A

Affected

PROJECT

Description

Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fixed in 0.1.5.

outray-tunnel/outray

Open-source ngrok alternative.

GitHub

1.08K