Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Admidio is Missing Authorization and CSRF Protection on Document and Folder Deletion Critical
GHSA-rmpj-3x5m-9m5f was published for admidio/admidio (Composer) Mar 16, 2026
restriction Credited to restriction
Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist` Critical
CVE-2026-32633 was published for Glances (pip) Mar 16, 2026
restriction Credited to restriction
OneUptime ClickHouse SQL Injection via Aggregate Query Parameters Critical
CVE-2026-32306 was published for oneuptime (npm) Mar 13, 2026
restriction Credited to restriction
Parse Server vulnerable to SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL Critical
CVE-2026-31871 was published for parse-server (npm) Mar 11, 2026
restriction Credited to restriction and mtrezza mtrezza mtrezza
Parse Server vulnerable to SQL injection via `Increment` operation on nested object field in PostgreSQL Critical
CVE-2026-31856 was published for parse-server (npm) Mar 11, 2026
restriction Credited to restriction and mtrezza mtrezza mtrezza
Parse Server has role escalation and CLP bypass via direct `_Join` table write Critical
CVE-2026-30966 was published for parse-server (npm) Mar 11, 2026
restriction Credited to restriction and mtrezza mtrezza mtrezza
Parse Server: SQL injection via dot-notation field name in PostgreSQL Critical
CVE-2026-31840 was published for parse-server (npm) Mar 10, 2026
restriction Credited to restriction and mtrezza mtrezza mtrezza
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database