Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

131,693 advisories

Loading
A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in... High Unreviewed
CVE-2026-16118 was published Jul 17, 2026
hackkim Credited to hackkim
Prompty: Arbitrary code execution via JavaScript frontmatter in TypeScript loader High
CVE-2026-53597 was published for @prompty/core (npm) Jul 17, 2026
cristianstaicu Credited to cristianstaicu
Prompty: Arbitrary file read via file reference expansion High
CVE-2026-53598 was published for @prompty/core (npm) Jul 17, 2026
Gitea has insufficient permission checks for Composer package source links High
CVE-2026-27771 was published for code.gitea.io/gitea (Go) Jul 17, 2026
DevNoScope Credited to DevNoScope
meta-ads-mcp: X-Pipeboard-Token Header Auth Bypass Reuses Operator Meta Token High
CVE-2026-54547 was published for meta-ads-mcp (pip) Jul 17, 2026
EQSTLab Credited to EQSTLab
EQSTLab Credited to EQSTLab and useworld useworld useworld
sh _uid does not drop supplementary groups (incomplete privilege drop) High
CVE-2026-54552 was published for sh (pip) Jul 17, 2026
Gares95 Credited to Gares95
AWS-JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance High
CVE-2026-11400 was published for software.amazon.jdbc:aws-advanced-jdbc-wrapper (Maven) Jul 17, 2026
ph0smet Credited to ph0smet
ProTip! Advisories are also available from the GraphQL API