GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
17 advisories
Rust has Critical Stored XSS in Preview Modal, leading to Administrative Account Takeover
Critical
CVE-2026-27822
was published
for
rustfs
(Rust)
Feb 25, 2026
Salvo is vulnerable to reflected XSS in the list_html function
High
CVE-2026-22256
was published
for
salvo
(Rust)
Jan 8, 2026
Salvo is vulnerable to stored XSS in the list_html function by uploading files with malicious names
High
CVE-2026-22257
was published
for
salvo
(Rust)
Jan 8, 2026
deno_doc's HTML generator vulnerable to Cross-site Scripting
Low
CVE-2024-32468
was published
for
deno_doc
(Rust)
Nov 25, 2024
DOM clobbering could escalate to Cross-site Scripting (XSS)
Moderate
CVE-2024-45389
was published
for
@pagefind/default-ui
(npm)
Sep 3, 2024
static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
Moderate
CVE-2024-32966
was published
for
static-web-server
(Rust)
May 1, 2024
Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
Low
CVE-2023-40030
was published
for
cargo
(Rust)
Aug 24, 2023
Space bug in `clean_text`
Moderate
GHSA-p2g9-94wh-65c2
was published
for
ammonia
(Rust)
Jun 16, 2022
ProTip!
Advisories are also available from the
GraphQL API