GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails
Moderate
CVE-2026-22689
was published
for
github.com/axllent/mailpit
(Go)
Jan 13, 2026
Mailpit Proxy Endpoint has Server-Side Request Forgery (SSRF) vulnerability
Moderate
CVE-2026-21859
was published
for
github.com/axllent/mailpit
(Go)
Jan 6, 2026
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects.
Critical
CVE-2025-64459
was published
for
django
(pip)
Nov 5, 2025
ProTip!
Advisories are also available from the
GraphQL API