GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,780 advisories
NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality
Moderate
CVE-2026-24767
was published
for
nocodb
(npm)
Jan 28, 2026
vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector
High
CVE-2026-24779
was published
for
vllm
(pip)
Jan 28, 2026
TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF)
Moderate
GHSA-gpx9-96j6-pp87
was published
for
agentos-taskweaver
(pip)
Jan 28, 2026
Kyverno Cross-Namespace Privilege Escalation via Policy apiCall
Critical
CVE-2026-22039
was published
for
github.com/kyverno/kyverno
(Go)
Jan 27, 2026
Skipper Ingress Controller Allows Unauthorized Access to Internal Services via ExternalName
High
CVE-2026-24470
was published
for
github.com/zalando/skipper
(Go)
Jan 26, 2026
Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL
Moderate
CVE-2026-24117
was published
for
github.com/sigstore/rekor
(Go)
Jan 22, 2026
ProTip!
Advisories are also available from the
GraphQL API