Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
NukeViet: Pre-authentication SSRF via X-Forwarded-Host High
CVE-2026-55372 was published for nukeviet/nukeviet (Composer) Jul 13, 2026
g03m0n Credited to g03m0n and hoaquynhtim99 hoaquynhtim99 hoaquynhtim99
NukeViet: Path Traversal to Arbitrary File Deletion in Edit Comment Function High
CVE-2026-54065 was published for nukeviet/nukeviet (Composer) Jul 13, 2026
g03m0n Credited to g03m0n and hoaquynhtim99 hoaquynhtim99 hoaquynhtim99
NukeViet: Multiple Anti-XSS Filter Bypasses Leading to Stored XSS in News Module High
CVE-2026-54064 was published for nukeviet/nukeviet (Composer) Jul 13, 2026
hoaquynhtim99 Credited to hoaquynhtim99 and g03m0n g03m0n g03m0n
NukeViet: Unauthenticated Reflected XSS in Comment Module High
CVE-2026-48118 was published for nukeviet/nukeviet (Composer) Jul 13, 2026
hoaquynhtim99 Credited to hoaquynhtim99 and 0xGunrunner 0xGunrunner 0xGunrunner
NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class High
CVE-2026-41147 was published for nukeviet/nukeviet (Composer) May 15, 2026
hoaquynhtim99 Credited to hoaquynhtim99 and beetrio189 beetrio189 beetrio189
ProTip! Advisories are also available from the GraphQL API