Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

544 advisories

Loading
Steeltoe vulnerable to management-port isolation bypass via spoofed Host header High
CVE-2026-50194 was published for Steeltoe.Management.Endpoint (NuGet) Jul 2, 2026
AS228T with Authentication Bypass Vulnerability High Unreviewed
CVE-2026-12579 was published Jul 1, 2026
WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass... Critical Unreviewed
CVE-2019-25763 was published Jun 20, 2026
rexpository Credited to rexpository
Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions. High Unreviewed
CVE-2026-54804 was published Jun 17, 2026
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions. Critical Unreviewed
CVE-2026-49767 was published Jun 17, 2026
Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions. Moderate Unreviewed
CVE-2026-49071 was published Jun 17, 2026
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions. High Unreviewed
CVE-2026-25439 was published Jun 17, 2026
Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts High
CVE-2026-53622 was published for Traefik (Go) Jun 16, 2026
kamil-sawicki Credited to kamil-sawicki
Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass High
CVE-2026-48491 was published for Traefik (Go) Jun 16, 2026
kamil-sawicki Credited to kamil-sawicki
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions. High Unreviewed
CVE-2026-48970 was published Jun 15, 2026
ProTip! Advisories are also available from the GraphQL API