Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Mautic has Stored Cross-Site Scripting (XSS) in Project Option Selector Moderate
CVE-2026-9811 was published for mautic/core (Composer) Jul 2, 2026
pavelkohout396 Credited to pavelkohout396, escopecz, patrykgruszka, and LeuchtfeuerDigitalMarketing escopecz escopecz
patrykgruszka patrykgruszka LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing
Mautic has Stored Cross-Site Scripting (XSS) in Projects Component High
CVE-2026-9809 was published for mautic/core (Composer) Jul 2, 2026
34selen Credited to 34selen, escopecz, patrykgruszka, and LeuchtfeuerDigitalMarketing escopecz escopecz
patrykgruszka patrykgruszka LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing
Mautic has an Authorization Bypass in API v2 Endpoints High
CVE-2026-9808 was published for mautic/core (Composer) Jul 2, 2026
zerlyer Credited to zerlyer, pavelkohout396, escopecz, patrykgruszka, and LeuchtfeuerDigitalMarketing pavelkohout396 pavelkohout396
escopecz escopecz patrykgruszka patrykgruszka LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing
Mautic vulnerable to Path Traversal via Campaign Import Critical
CVE-2026-9559 was published for mautic/core (Composer) Jul 2, 2026
nglong05 Credited to nglong05, f3nrir77, escopecz, patrykgruszka, and LeuchtfeuerDigitalMarketing f3nrir77 f3nrir77
escopecz escopecz patrykgruszka patrykgruszka LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing
Mautic has Server-Side Template Injection (SSTI) in Theme Templates Critical
CVE-2026-9558 was published for mautic/core (Composer) Jul 2, 2026
onurcangnc Credited to onurcangnc, xfer0, Entropt, patrykgruszka, escopecz, LeuchtfeuerDigitalMarketing, and NumberOreo1 xfer0 xfer0
Entropt Entropt patrykgruszka patrykgruszka escopecz escopecz LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing NumberOreo1 NumberOreo1
Mautic has SQL Injection in API Contact Filtering High
CVE-2026-4776 was published for mautic/core (Composer) Jul 2, 2026
Senku01 Credited to Senku01, Harish4948, patrykgruszka, and LeuchtfeuerDigitalMarketing Harish4948 Harish4948
patrykgruszka patrykgruszka LeuchtfeuerDigitalMarketing LeuchtfeuerDigitalMarketing
ProTip! Advisories are also available from the GraphQL API