Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
FacturaScripts vulnerable to Reflected Cross-Site Scripting (XSS) via Cookie Manipulation Low
CVE-2026-27964 was published for facturascripts/facturascripts (Composer) May 7, 2026
jaroslaw-wawiorko Credited to jaroslaw-wawiorko
FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History View High
CVE-2026-23997 was published for facturascripts/facturascripts (Composer) Feb 2, 2026
jaroslaw-wawiorko Credited to jaroslaw-wawiorko
SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality High
CVE-2026-23851 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 21, 2026
jaroslaw-wawiorko Credited to jaroslaw-wawiorko
SiYuan has a Reflected Cross-Site Scripting (XSS) via /api/icon/getDynamicIcon Low
CVE-2026-23847 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 21, 2026
jaroslaw-wawiorko Credited to jaroslaw-wawiorko
SiYuan Has a Stored Cross-Site Scripting (XSS) Vulnerability via Unrestricted SVG File Upload Moderate
CVE-2026-23645 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 16, 2026
jaroslaw-wawiorko Credited to jaroslaw-wawiorko
ProTip! Advisories are also available from the GraphQL API