Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution Critical
CVE-2026-41179 was published for github.com/rclone/rclone (Go) Apr 22, 2026
0wnerDied Credited to 0wnerDied, ncw, and augustocesarperin ncw ncw
augustocesarperin augustocesarperin
Mako: Path traversal via double-slash URI prefix in TemplateLookup High
CVE-2026-41205 was published for Mako (pip) Apr 16, 2026
0xHunSec Credited to 0xHunSec and augustocesarperin augustocesarperin augustocesarperin
Nu Html Checker (vnu) contains a Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2025-15104 was published for nu.validator:validator (Maven) Jan 16, 2026
augustocesarperin Credited to augustocesarperin
Salesforce Uni2TS has a Code Injection vulnerability Critical
CVE-2026-22584 was published for uni2ts (pip) Jan 10, 2026
augustocesarperin Credited to augustocesarperin
Langflow CORS misconfiguration enables Account Takeover and RCE Critical
CVE-2025-34291 was published for langflow (pip) Dec 6, 2025
augustocesarperin Credited to augustocesarperin
golang.org/x/crypto/ssh/agent has a potential denial of service High
CVE-2025-47913 was published for golang.org/x/crypto/ssh/agent (Go) Nov 14, 2025
augustocesarperin Credited to augustocesarperin
ProTip! Advisories are also available from the GraphQL API