GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
High
CVE-2026-32247
was published
for
graphiti-core
(pip)
Mar 12, 2026
Parse Server has a NoSQL injection via token type in password reset and email verification endpoints
High
CVE-2026-30941
was published
for
parse-server
(npm)
Mar 11, 2026
New API has an SQL LIKE Wildcard Injection DoS via Token Search
High
CVE-2026-25591
was published
for
github.com/QuantumNous/new-api
(Go)
Feb 23, 2026
FacturaScripts has SQL Injection in Autocomplete Actions
High
CVE-2026-25514
was published
for
facturascripts/facturascripts
(Composer)
Feb 3, 2026
FacturaScripts has SQL Injection in API ORDER BY Clause
High
CVE-2026-25513
was published
for
facturascripts/facturascripts
(Composer)
Feb 3, 2026
WhoDB allows parameter injection in DB connection URIs leading to local file inclusion
High
CVE-2025-24787
was published
for
github.com/clidey/whodb/core
(Go)
Feb 6, 2025
Sort order SQL injection in Administrate
High
CVE-2020-5257
was published
for
administrate
(RubyGems)
Mar 13, 2020
ProTip!
Advisories are also available from the
GraphQL API