Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
motionEye's missing authentication on ActionHandler allows unauthenticated camera action execution Moderate
CVE-2026-55863 was published for motioneye (pip) Jun 23, 2026
alanturing881 Credited to alanturing881, MichaIng, zagrim, Marijn0, and C4spr0x1A MichaIng MichaIng
zagrim zagrim Marijn0 Marijn0 C4spr0x1A C4spr0x1A
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope Moderate
CVE-2026-54094 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
DavidCarliez Credited to DavidCarliez, hacdias, m2hcz, and alanturing881 hacdias hacdias
m2hcz m2hcz alanturing881 alanturing881
Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig) Moderate
GHSA-6jq6-x4cx-qvcm was published for grumpydictator/firefly-iii (Composer) Jun 12, 2026
alanturing881 Credited to alanturing881
ProTip! Advisories are also available from the GraphQL API