Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
LiteLLM: Authentication Bypass via Host Header Injection Critical
CVE-2026-49468 was published for litellm (pip) Jun 16, 2026
LilThawg29 Credited to LilThawg29
Codechecker has an authentication bypass for certain API calls Critical
CVE-2026-25660 was published for codechecker (pip) May 5, 2026
mtolley Credited to mtolley
Sentry's improper authentication on SAML SSO process allows user identity linking Critical
CVE-2026-42354 was published for sentry (pip) Apr 30, 2026
jaydns Credited to jaydns
python-jwt vulnerable to token forgery with new claims Critical
CVE-2022-39227 was published for python-jwt (pip) Sep 21, 2022
TomTervoort Credited to TomTervoort
Implementation trusts the "me" field returned by the authorization server without verifying it Critical
GHSA-mjcr-rqjg-rhg3 was published for datasette-indieauth (pip) Nov 24, 2020
ProTip! Advisories are also available from the GraphQL API