Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,660 advisories

Loading
Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions. Moderate Unreviewed
CVE-2025-66123 was published Jun 26, 2026
Lemur: ACME SSRF + creator-equality IDOR lead to AWS IAM/PKI compromise Critical
CVE-2026-55166 was published for lemur (pip) Jun 25, 2026
im-rootkid Credited to im-rootkid
OpenAM Arbitrary OAuth Token Minting via Push Registration High
CVE-2026-46498 was published for org.openidentityplatform.openam:openam-oauth2 (Maven) Jun 25, 2026
wodzen Credited to wodzen
Snipe-IT has Multi-Tenancy Bypass via Bulk Asset Update Moderate
CVE-2026-55482 was published for snipe/snipe-it (Composer) Jun 23, 2026
TristanInSec Credited to TristanInSec
Gogs: LFS dedupe path leaks private repo content across tenants High
CVE-2026-52812 was published for gogs.io/gogs (Go) Jun 23, 2026
amwhoi Credited to amwhoi
Gogs Missing Authorization in Attachment Download High
CVE-2026-52799 was published for gogs.io/gogs (Go) Jun 22, 2026
odgrso Credited to odgrso
ProTip! Advisories are also available from the GraphQL API