GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5 advisories
Astro: Memory exhaustion DoS due to missing request body size limit in Server Islands
Moderate
CVE-2026-29772
was published
for
@astrojs/node
(npm)
Mar 24, 2026
AVideo Vulnerable to Reflected XSS via Unsanitized plugin Parameter in YPTWallet Stripe Payment Page
High
CVE-2026-34375
was published
for
wwbn/avideo
(Composer)
Mar 30, 2026
AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking
High
CVE-2026-34394
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
AVideo vulnerable to Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
Moderate
CVE-2026-34395
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
AVideo has Stored XSS via Unescaped Plugin Configuration Values in Admin Panel
Moderate
CVE-2026-34396
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
ProTip!
Advisories are also available from the
GraphQL API