GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
152,463 advisories
Admidio is Missing Authorization on Forum Topic and Post Deletion
Moderate
GHSA-g375-5wmp-xr78
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Admidio has an HTMLPurifier Bypass in eCard Message Allows HTML Email Injection
Moderate
CVE-2026-32757
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Admidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata Endpoint
Moderate
CVE-2026-32812
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Admidio is Missing CSRF Protection on Role Membership Date Changes
Moderate
CVE-2026-32755
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Admidio is Missing CSRF Validation on Role Delete, Activate, and Deactivate Actions
Moderate
GHSA-wwg8-6ffr-h4q2
was published
for
admidio/admidio
(Composer)
Mar 16, 2026
Permissive List of Allowed Inputs in ewe
Moderate
GHSA-9w88-79f8-m3vp
was published
for
ewe
(Erlang)
Mar 16, 2026
Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration
Moderate
GHSA-j94x-8wcp-x7hm
was published
for
github.com/akuity/kargo
(Go)
Mar 16, 2026
File Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination Parameter
Moderate
CVE-2026-32758
was published
for
github.com/filebrowser/filebrowser/v2
(Go)
Mar 16, 2026
SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS
Moderate
GHSA-v3mg-9v85-fcm7
was published
for
siyuan
(Go)
Mar 16, 2026
ProTip!
Advisories are also available from the
GraphQL API