Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4,408 advisories

Loading
rexpository Credited to rexpository
PraisonAI LinearBot processes unsigned webhooks when LINEAR_WEBHOOK_SECRET is missing High
GHSA-fc26-m9pf-v56q was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
PraisonAI recipe serve Typer command bypasses the non-localhost authentication guard High
GHSA-5qw8-f2g9-ff29 was published for praisonai (pip) Jun 18, 2026
rexpository Credited to rexpository
kodareef5 Credited to kodareef5, grvijayan, IAM-marco, livio-a, cipher-creator, and N008x grvijayan grvijayan
IAM-marco IAM-marco livio-a livio-a cipher-creator cipher-creator N008x N008x
Caddy: FastCGI header normalization bypass in `forward_auth copy_headers` High
CVE-2026-52845 was published for github.com/caddyserver/caddy (Go) Jun 16, 2026
Vincent550102 Credited to Vincent550102
aradona91 Credited to aradona91
Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token Critical
CVE-2026-48039 was published for meta-ads-mcp (pip) Jun 11, 2026
232-323 Credited to 232-323
Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates Moderate
CVE-2026-47838 was published for org.springframework.security:spring-security-web (Maven) Jun 10, 2026
marcelstoer Credited to marcelstoer and julianladisch julianladisch julianladisch
ProTip! Advisories are also available from the GraphQL API