Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Origin Validation Error in Apache Maven Critical
CVE-2021-26291 was published for org.apache.maven:maven-compat (Maven) Jun 16, 2021
joshbressers Credited to joshbressers
Default CORS config allows any origin with credentials Critical
CVE-2021-39185 was published for org.http4s:http4s-server_2.10 (Maven) Sep 2, 2021
bplommer Credited to bplommer
Apache Camel: KeycloakSecurityPolicy does not validate issuer of JWT tokens against configured realm Critical
CVE-2026-23552 was published for org.apache.camel:camel-keycloak (Maven) Feb 23, 2026
Unity Catalog has a JWT Issuer Validation Bypass tht Allows Complete User Impersonation Critical
CVE-2026-27478 was published for io.unitycatalog:unitycatalog-server (Maven) May 11, 2026
lukas-reining Credited to lukas-reining
ProTip! Advisories are also available from the GraphQL API