
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

62 advisories

fixurjavainstall: Previous Fuji versions can accidentally wipe `/usr/share/man/man8` Low
GHSA-fq3w-p4fg-mw73 was published for fixurjavainstall (Rust) Jun 25, 2026
Credited to EpicVon2468
stigmem-node's federation insecure transport settings may allow non-loopback cleartext federation Critical
GHSA-jmfc-hfjq-pxcp was published for stigmem-node (pip) May 29, 2026
Algernon: Single-file mode unconditionally enables debug mode High
CVE-2026-45728 was published for github.com/xyproto/algernon (Go) May 19, 2026
Credited to Dredsen
Development and test API endpoints are present that mirror production functionality. Moderate Unreviewed
CVE-2026-32662 was published Apr 3, 2026
Sprig Plugin for Craft CMS potentially discloses sensitive information via Sprig Playground Moderate
CVE-2026-27131 was published for putyourlightson/craft-sprig (Composer) Mar 23, 2026
Credited to Neosprings and bencroker
Unfurl's debug mode cannot be disabled due to string config parsing (Werkzeug debugger exposure) Critical
GHSA-vg9h-jx4v-cwx2 was published for dfir-unfurl (pip) Jan 29, 2026
Credited to mobasi-team
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3,... Moderate Unreviewed
CVE-2025-54660 was published Nov 18, 2025
Information disclosure while capturing logs as eSE debug messages are logged. Moderate Unreviewed
CVE-2025-21472 was published Aug 6, 2025