Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

66 advisories

Loading
PostgreSQL Anonymizer contains a vulnerability that allows unprivileged masked users to... Moderate Unreviewed
CVE-2026-13455 was published Jun 30, 2026
phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing Low
CVE-2026-48488 was published for phpmyfaq/phpmyfaq (Composer) Jun 23, 2026
N0tFix3d Credited to N0tFix3d
motionEye: Authentication possible via password hash Critical
CVE-2026-46488 was published for motioneye (pip) Jun 22, 2026
FireByteApplications Credited to FireByteApplications, 0xLynk, dimashn04, C4spr0x1A, sighnwaive, MichaIng, Marijn0, and zagrim 0xLynk 0xLynk
dimashn04 dimashn04 C4spr0x1A C4spr0x1A sighnwaive sighnwaive MichaIng MichaIng Marijn0 Marijn0 zagrim zagrim
alan-agius4 Credited to alan-agius4, JeanMeche, and josephperrott JeanMeche JeanMeche
josephperrott josephperrott
Poseidon V1 variable-length input collision via implicit zero-padding High
CVE-2026-32129 was published for soroban-poseidon (Rust) Mar 13, 2026
Flowise has Insufficient Password Salt Rounds Moderate
CVE-2026-56272 was published for flowise (npm) Mar 5, 2026
kolega-ai-dev Credited to kolega-ai-dev
@keep-network/tbtc-v2 revealing P2PKH deposit with a wrapped P2SH script High
GHSA-8986-v76q-8vr2 was published for @keep-network/tbtc-v2 (npm) Mar 2, 2026
OpenClaw replaced a deprecated sandbox hash algorithm High
CVE-2026-28479 was published for openclaw (npm) Feb 19, 2026
kexinoh Credited to kexinoh
EVE Seals Vault Key With SHA1 PCRs Moderate
CVE-2023-43635 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
EVE Doesn't Measure Config Partition From 2 Fronts Moderate
CVE-2023-43630 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
DragonFly has weak integrity checks for downloaded files Moderate
CVE-2025-59354 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi Credited to gaius-qi
Mattermost makes Use of Weak Hash Moderate
CVE-2025-9078 was published for github.com/mattermost/mattermost-server (Go) Sep 15, 2025
CWE-328: Use of Weak Hash Moderate Unreviewed
CVE-2025-55053 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API