GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
5 advisories
motionEye's missing authentication on ActionHandler allows unauthenticated camera action execution
Moderate
CVE-2026-55863
was published
for
motioneye
(pip)
Jun 23, 2026
motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read
High
CVE-2026-55488
was published
for
motioneye
(pip)
Jun 23, 2026
ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components
Low
CVE-2026-55671
was published
for
github.com/zitadel/zitadel
(Go)
Jun 18, 2026
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
Moderate
CVE-2026-54094
was published
for
github.com/filebrowser/filebrowser
(Go)
Jun 12, 2026
Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig)
Moderate
GHSA-6jq6-x4cx-qvcm
was published
for
grumpydictator/firefly-iii
(Composer)
Jun 12, 2026
ProTip!
Advisories are also available from the
GraphQL API