GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,338 advisories
JupyterHub has an Open Redirect Vulnerability
Moderate
CVE-2026-33709
was published
for
jupyterhub
(pip)
Apr 3, 2026
Authorizer: Password reset token theft and full auth token redirect via unvalidated redirect_uri
High
GHSA-x3f4-v83f-7wp2
was published
for
github.com/authorizerdev/authorizer
(Go)
Apr 6, 2026
Directus: Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow
Moderate
CVE-2026-35410
was published
for
directus
(npm)
Apr 4, 2026
Directus: Open Redirect in Admin 2FA Setup Page
Moderate
CVE-2026-35411
was published
for
directus
(npm)
Apr 4, 2026
Signal K Server: OAuth Authorization Code Theft via Unvalidated Host Header in OIDC Flow
Moderate
CVE-2026-34083
was published
for
signalk-server
(npm)
Apr 3, 2026
Statamic has an Open Redirect on unauthenticated endpoints via URL parsing differential
Moderate
CVE-2026-33885
was published
for
statamic/cms
(Composer)
Mar 26, 2026
Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR
Moderate
CVE-2026-33397
was published
for
@angular/ssr
(npm)
Mar 19, 2026
n8n: Authenticated XSS and Open Redirect via Form Node
Moderate
GHSA-w673-8fjw-457c
was published
for
n8n
(npm)
Mar 27, 2026
AVideo has an Open Redirect via Unvalidated redirectUri in userLogin.php
Low
CVE-2026-33296
was published
for
wwbn/avideo
(Composer)
Mar 19, 2026
ProTip!
Advisories are also available from the
GraphQL API