GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in actionResourceJs
Critical
CVE-2026-55791
was published
for
craftcms/cms
(Composer)
Jun 19, 2026
Wagtail has improper permission handling when viewing page history
Moderate
CVE-2026-44198
was published
for
wagtail
(pip)
May 8, 2026
Wagtail has improper permission handling when comparing revisions
Moderate
CVE-2026-44197
was published
for
wagtail
(pip)
May 8, 2026
ProTip!
Advisories are also available from the
GraphQL API