GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
684 advisories
Emissary has Stored XSS via Navigation Template Link Injection
Moderate
CVE-2026-35571
was published
for
gov.nsa.emissary:emissary
(Maven)
Apr 7, 2026
Cross-site Scripting Vulnerability in Statement Browser
Moderate
CVE-2024-26140
was published
for
com.yetanalytics:lrs
(Maven)
Feb 21, 2024
Apache Ambari: Various Cross site scripting problems
Moderate
CVE-2023-50378
was published
for
org.apache.ambari:ambari
(Maven)
Mar 1, 2024
Apache Archiva Reflected Cross-site Scripting vulnerability
Moderate
CVE-2024-27140
was published
for
org.apache.archiva:archiva-common
(Maven)
Mar 1, 2024
PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages
Moderate
CVE-2026-28338
was published
for
net.sourceforge.pmd:pmd-core
(Maven)
Feb 28, 2026
Duplicate Advisory: Stored Cross-site Scripting vulnerability in Jenkins Folder-based Authorization Strategy Plugin
Moderate
GHSA-chr6-386q-4m3v
was published
for
io.jenkins.plugins:folder-auth
(Maven)
Mar 16, 2022
•
withdrawn
XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages
Moderate
CVE-2026-24128
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Jan 23, 2026
jQuery vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2011-4969
was published
for
jQuery
(RubyGems)
May 14, 2022
Duplicate Advisory: Keycloak error_description injection on error pages that can trigger phishing attacks
Moderate
GHSA-xmcw-mv9p-7pq2
was published
for
org.keycloak:keycloak-account-ui
(Maven)
Sep 5, 2025
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API