Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
Nezha's authenticated agents can forge service-monitor results for other users' services High
CVE-2026-48119 was published for github.com/nezhahq/nezha (Go) Jun 1, 2026
sondt99 Credited to sondt99
Nezha has cross-site GET request that can trigger stored cron commands on a victim's agents High
CVE-2026-49396 was published for github.com/nezhahq/nezha (Go) Jun 10, 2026
sondt99 Credited to sondt99
Centrifugo's dynamic JWKS key cache keyed only by `kid` allows cross-issuer JWT authentication bypass High
CVE-2026-49998 was published for github.com/centrifugal/centrifugo (Go) Jul 1, 2026
sondt99 Credited to sondt99
ProTip! Advisories are also available from the GraphQL API