Code Pathfinder v2.1.0 ships Go language support with 21 security rules and type-aware analysis — leveraging Go's static type system to cut the false positives that plague grep-based scanning across SQL injection, gRPC, and GORM sinks.

Using Code Pathfinder's variant analysis to uncover an unpatched path traversal in Langflow's Knowledge Bases API — a variant of CVE-2026-33497 enabling arbitrary directory deletion, JWT secret deletion, and cross-user KB deletion. Fixed in v1.9.0.