Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Kimai: ExportTemplate CRUD Missing Authorization Check Allows Unauthorized TEAMLEAD Access Moderate
CVE-2026-52828 was published for kimai/kimai (Composer) Jul 14, 2026
AzureADTrent Credited to AzureADTrent
Kimai: Default APP_SECRET in Docker Image Enables Cookie Forgery and Account Takeover Critical
CVE-2026-52824 was published for kimai/kimai (Composer) Jul 14, 2026
AzureADTrent Credited to AzureADTrent
Kimai Password Reset Link Remains Valid After Password Change Low
GHSA-m492-gv72-xvxj was published for kimai/kimai (Composer) Jul 1, 2026
AzureADTrent Credited to AzureADTrent
Kimai has Missing Object-Level Authorization in the Team API Low
CVE-2026-41498 was published for kimai/kimai (Composer) Apr 24, 2026
AzureADTrent Credited to AzureADTrent
ProTip! Advisories are also available from the GraphQL API