Is github.com/sagernet/sing-box safe to use?

github.com/sagernet/sing-box has 1 known vulnerabilities on the latest version (v1.13.11). DepScope rates its health at 70/100 (moderate risk).

What is the latest version of github.com/sagernet/sing-box?

The latest version of github.com/sagernet/sing-box is v1.13.11, released 2026-04-22.

Yes. github.com/sagernet/sing-box has 1 known vulnerabilities. See depscope.dev/pkg/go/github.com/sagernet/sing-box for details.

No, github.com/sagernet/sing-box is actively maintained. Latest release: v1.13.11 (2026-04-22).

DepScope has no curated alternatives for github.com/sagernet/sing-box at this time.

github.com/sagernet/sing-box is licensed under GPL-3.0-or-later.

govv1.13.11

The universal proxy platform

License GPL-3.0-or-later524 versions101 maintainers0 deps32,966 weekly dl

/ 100

Health

do not use

github.com/sagernet/sing-box has critical vulnerabilities — do not use

Update to >= 0.2.12-0.20230925092853-5b05b5c147d9 to fix known vulnerabilities

Health breakdown0 – 100

25/25

maintenance

10/20

popularity

15/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2023-43644	sing-box vulnerable to improper authentication in the SOCKS inbound	0.2.12-0.20230925092853-5b05b5c147d9

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/sagernet/sing-box

Last updated · 2026-04-22T23:30:34Z