Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
File Browser: Authentication Bypass via Proxy Auth Header Forgery Critical
CVE-2026-54089 was published for github.com/filebrowser/filebrowser/v2 (Go) Jul 10, 2026
Akokonunes Credited to Akokonunes and neo-ai-engineer neo-ai-engineer neo-ai-engineer
Directus: Open Redirect in Admin 2FA Setup Page Moderate
CVE-2026-35411 was published for directus (npm) Apr 4, 2026
ComfortablyCoding Credited to ComfortablyCoding, Akokonunes, and neo-ai-engineer Akokonunes Akokonunes
neo-ai-engineer neo-ai-engineer
@siteboon/claude-code-ui is Vulnerable to Shell Command Injection in Git Routes High
CVE-2026-31861 was published for @siteboon/claude-code-ui (npm) Mar 10, 2026
Akokonunes Credited to Akokonunes, neo-ai-engineer, and toufik-airane neo-ai-engineer neo-ai-engineer
toufik-airane toufik-airane
AVideo has Unauthenticated IDOR - Playlist Information Disclosure Moderate
CVE-2026-30885 was published for wwbn/avideo (Composer) Mar 7, 2026
Akokonunes Credited to Akokonunes and neo-ai-engineer neo-ai-engineer neo-ai-engineer
changedetection.io has Reflected XSS in its RSS Tag Error Response Moderate
CVE-2026-29038 was published for changedetection.io (pip) Mar 4, 2026
Akokonunes Credited to Akokonunes
NocoDB Vulnerable to Stored Cross-site Scripting via Rich Text Field Moderate
CVE-2026-28359 was published for nocodb (npm) Mar 2, 2026
Akokonunes Credited to Akokonunes and neo-ai-engineer neo-ai-engineer neo-ai-engineer
NocoDB has Stored Cross-site Scripting via Formula Cell Moderate
CVE-2026-28357 was published for nocodb (npm) Mar 2, 2026
Akokonunes Credited to Akokonunes and neo-ai-engineer neo-ai-engineer neo-ai-engineer
changedetection.io Vulnerable to Reflected XSS in RSS Single Watch Error Response Moderate
CVE-2026-27645 was published for changedetection.io (pip) Feb 25, 2026
Akokonunes Credited to Akokonunes and neo-ai-engineer neo-ai-engineer neo-ai-engineer
ProTip! Advisories are also available from the GraphQL API