Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
Mitchell45 Credited to Mitchell45
Mitchell45 Credited to Mitchell45
Kimai: Login CSRF in the Timesheet Stop and Restart API Endpoints Allows Unauthorized State Changes Moderate
CVE-2026-52823 was published for kimai/kimai (Composer) Jul 14, 2026
Mitchell45 Credited to Mitchell45
Mitchell45 Credited to Mitchell45
Mitchell45 Credited to Mitchell45
Kimai: Login CSRF in Default Team Creation Endpoints Allows Unauthorized Team and Permission Structure Changes Moderate
CVE-2026-49992 was published for kimai/kimai (Composer) Jul 13, 2026
Mitchell45 Credited to Mitchell45
Kimai has Server-Side Request Forgery in Invoice PDF Rendering via Markdown Image URLs Moderate
CVE-2026-49865 was published for kimai/kimai (Composer) Jul 10, 2026
Mitchell45 Credited to Mitchell45
Kimai Favorite Timesheet Add and Remove Endpoints Allows Cross-User Bookmark Manipulation Low
GHSA-j5mc-p8qg-39j7 was published for kimai/kimai (Composer) Jul 2, 2026
Mitchell45 Credited to Mitchell45
ProTip! Advisories are also available from the GraphQL API