GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
h3 v1 has Request Smuggling (TE.TE) issue
High
CVE-2026-23527
was published
for
h3
(npm)
Jan 15, 2026
Hono cache middleware ignores "Cache-Control: private" leading to Web Cache Deception
Moderate
CVE-2026-24472
was published
for
hono
(npm)
Jan 27, 2026
n8n has OS Command Injection in Git Node
Critical
CVE-2026-25053
was published
for
n8n
(npm)
Feb 4, 2026
n8n: Webhook Forgery on Github Webhook Trigger
Moderate
GHSA-mqpr-49jj-32rc
was published
for
n8n
(npm)
Feb 26, 2026
Unhead has XSS bypass in `useHeadSafe` via attribute name injection and case-sensitive protocol check
Moderate
CVE-2026-31860
was published
for
unhead
(npm)
Mar 12, 2026
Unhead Vulnerable to Bypass of URI Scheme Sanitization in makeTagSafe via Case-Sensitivity
Low
CVE-2026-31873
was published
for
unhead
(npm)
Mar 12, 2026
h3 has an observable timing discrepancy in basic auth utils
Moderate
CVE-2026-33129
was published
for
h3
(npm)
Mar 18, 2026
n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode
Critical
CVE-2026-33660
was published
for
n8n
(npm)
Mar 25, 2026
n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE
Critical
CVE-2026-33696
was published
for
n8n
(npm)
Mar 26, 2026
n8n Vulnerable to XSS via Binary Data Inline HTML Rendering
Moderate
CVE-2026-33749
was published
for
n8n
(npm)
Mar 26, 2026
ProTip!
Advisories are also available from the
GraphQL API