Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

131,736 advisories

Loading
Skipper: Incomplete fix for CVE-2026-50197: an oversized body can bypass OPA deny-on-presence Rego policies High
GHSA-8qqm-fp2q-v734 was published for github.com/zalando/skipper (Go) Jul 17, 2026
tonghuaroot Credited to tonghuaroot
A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in... High Unreviewed
CVE-2026-16118 was published Jul 17, 2026
hackkim Credited to hackkim
Prompty: Arbitrary code execution via JavaScript frontmatter in TypeScript loader High
CVE-2026-53597 was published for @prompty/core (npm) Jul 17, 2026
cristianstaicu Credited to cristianstaicu
Prompty: Arbitrary file read via file reference expansion High
CVE-2026-53598 was published for @prompty/core (npm) Jul 17, 2026
Gitea has insufficient permission checks for Composer package source links High
CVE-2026-27771 was published for code.gitea.io/gitea (Go) Jul 17, 2026
DevNoScope Credited to DevNoScope
meta-ads-mcp: X-Pipeboard-Token Header Auth Bypass Reuses Operator Meta Token High
CVE-2026-54547 was published for meta-ads-mcp (pip) Jul 17, 2026
EQSTLab Credited to EQSTLab
EQSTLab Credited to EQSTLab and useworld useworld useworld
ProTip! Advisories are also available from the GraphQL API