Security overview · dagu-org/dagu · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

SSE Authentication Bypass in Basic Auth Mode
GHSA-9wmw-9wph-2vwp published Mar 13, 2026 by yottahmd

High
Path Traversal via `dagRunId` in Inline DAG Execution
GHSA-m4q3-457p-hh2x published Mar 13, 2026 by yottahmd

Critical
Unauthenticated RCE via inline DAG spec in default configuration
GHSA-6qr9-g2xw-cw92 published Feb 19, 2026 by yottahmd

Low
Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory
GHSA-6v48-fcq6-ff23 published Feb 21, 2026 by yottahmd

Low

Learn more about advisories related to dagu-org/dagu in the GitHub Advisory Database