Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

171 advisories

Loading
@angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker High
CVE-2026-54264 was published for @angular/service-worker (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, alan-agius4, JeanMeche, and josephperrott alan-agius4 alan-agius4
JeanMeche JeanMeche josephperrott josephperrott
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client High
CVE-2025-66035 was published for @angular/common (npm) Nov 26, 2025
alan-agius4 Credited to alan-agius4, AndrewKushnir, irsl, hybrist, and AKiileX AndrewKushnir AndrewKushnir
irsl irsl hybrist hybrist AKiileX AKiileX
phpMyFAQ: Missing Password Reset Token Allows Account Takeover via Username/Email Enumeration High
CVE-2026-35675 was published for phpmyfaq/phpmyfaq (Composer) May 20, 2026
cyberHunter127 Credited to cyberHunter127
XWiki Platform's Livetable results still allow reconstructing password hashes using 768 requests High
CVE-2026-48048 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) May 26, 2026
ProTip! Advisories are also available from the GraphQL API