GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
Ella Core Panics during NAS Authentication Response/Failure with missing IEs
Moderate
CVE-2026-33907
was published
for
github.com/ellanetworks/core
(Go)
Mar 26, 2026
Ella Core has a Denial of Service via SCTP connection cleanup deadlock
Moderate
CVE-2026-33904
was published
for
github.com/ellanetworks/core
(Go)
Mar 26, 2026
Ella Core panics when processing a crafted NGAP LocationReport message
Moderate
CVE-2026-33903
was published
for
github.com/ellanetworks/core
(Go)
Mar 26, 2026
Vikjuna Bypasses Webhook SSRF Protections During OpenID Connect Avatar Download
Moderate
CVE-2026-33679
was published
for
code.vikunja.io/api
(Go)
Mar 25, 2026
Vikjuna: Webhook BasicAuth Credentials Exposed to Read-Only Project Collaborators via API
Moderate
CVE-2026-33677
was published
for
code.vikunja.io/api
(Go)
Mar 25, 2026
Vikunja has Cross-Project Information Disclosure via Task Relations — Missing Authorization Check on Related Task Read
Moderate
CVE-2026-33676
was published
for
code.vikunja.io/api
(Go)
Mar 25, 2026
Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources
Moderate
CVE-2026-33675
was published
for
code.vikunja.io/api
(Go)
Mar 25, 2026
SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home (GHSA-h5vh-m7fg-w5h6 Bypass)
Moderate
CVE-2026-33194
was published
for
github.com/siyuan-note/siyuan/kernel
(Go)
Mar 18, 2026
ProTip!
Advisories are also available from the
GraphQL API