GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6,659 advisories
In Soft Serve, an authenticated repo import can clone server-local private repositories
High
CVE-2026-33353
was published
for
github.com/charmbracelet/soft-serve
(Go)
Mar 19, 2026
Statamic is missing authorization check on taxonomy term creation via fieldtype
Moderate
CVE-2026-33177
was published
for
statamic/cms
(Composer)
Mar 18, 2026
Yoast Duplicate Post has an Authenticated (Contributor+) Missing Authorization to Arbitrary Post Duplication and Overwrite
Moderate
CVE-2026-1217
was published
for
yoast/duplicate-post
(Composer)
Mar 18, 2026
Admidio is Missing Authorization on Forum Topic and Post Deletion
Moderate
CVE-2026-32818
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Admidio is Missing Authorization and CSRF Protection on Document and Folder Deletion
Critical
CVE-2026-32817
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Azure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerability
High
CVE-2026-32268
was published
for
craftcms/azure-blob
(Composer)
Mar 16, 2026
ProTip!
Advisories are also available from the
GraphQL API