GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
locutus call_user_func_array vulnerable to Remote Code Execution (RCE) due to Code Injection
High
CVE-2026-29091
was published
for
locutus
(npm)
Mar 4, 2026
Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
High
CVE-2026-23950
was published
for
tar
(npm)
Jan 21, 2026
Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
High
CVE-2026-33242
was published
for
salvo
(Rust)
Mar 19, 2026
validateSignature Loop Variable Capture Signature Bypass in goxmldsig
High
CVE-2026-33487
was published
for
github.com/russellhaering/goxmldsig
(Go)
Mar 18, 2026
ProTip!
Advisories are also available from the
GraphQL API