Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

164,150 advisories

Loading
kuma-dp connects to control plane without verifying TLS certificate when no CA is configured Moderate
CVE-2026-52724 was published for github.com/kumahq/kuma (Go) Jul 16, 2026
Nuclio: Unauthenticated path traversal in spec.handler allows arbitrary file write in Dashboard container Moderate
CVE-2026-52832 was published for github.com/nuclio/nuclio (Go) Jul 16, 2026
j311yl0v3u Credited to j311yl0v3u and b0b0haha b0b0haha b0b0haha
Envoy Gateway: Wasm cache ServeHTTP reads mappingPath2Cache without lock Moderate
CVE-2026-53715 was published for github.com/envoyproxy/gateway (Go) Jul 16, 2026
zhaohuabing Credited to zhaohuabing
Envoy Gateway: OCI layer extraction allocates make([]byte, h.Size) from untrusted tar header Moderate
CVE-2026-53717 was published for github.com/envoyproxy/gateway (Go) Jul 16, 2026
zhaohuabing Credited to zhaohuabing
Envoy Gateway: Nil-dereference when SecurityPolicy targets TCPRoute without spec.authorization Moderate
CVE-2026-53719 was published for github.com/envoyproxy/gateway (Go) Jul 16, 2026
Envoy Gateway: Wasm HTTP fetch decompresses gzip without output-size limit Moderate
CVE-2026-53716 was published for github.com/envoyproxy/gateway (Go) Jul 16, 2026
zhaohuabing Credited to zhaohuabing
ProTip! Advisories are also available from the GraphQL API