Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

17,529 advisories

Loading
YesWiki has Authenticated SQL Injection via ReactionManager High
CVE-2026-52775 was published for yeswiki/yeswiki (Composer) Jul 9, 2026
SnailSploit Credited to SnailSploit and 0xShemesh 0xShemesh 0xShemesh
YesWiki: Second-Order SQL Injection in Page Delete API via Unescaped Page Tag (`ApiController::deletePage`) High
CVE-2026-52771 was published for yeswiki/yeswiki (Composer) Jul 9, 2026
hash3liZer Credited to hash3liZer
YesWiki: SQL Injection possible through public Bazar entry-listing APIs via numeric `query`/`queries` filters High
CVE-2026-52770 was published for yeswiki/yeswiki (Composer) Jul 9, 2026
sondt99 Credited to sondt99
YesWiki: SQL injection via the `recentchanges` action `period` argument leads to arbitrary DB read Moderate
CVE-2026-52763 was published for yeswiki/yeswiki (Composer) Jul 9, 2026
CosmicCrusader23 Credited to CosmicCrusader23
Improper neutralization of special elements used in an SQL command ('SQL injection')... Critical Unreviewed
CVE-2026-5955 was published Jul 9, 2026
IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an... Critical Unreviewed
CVE-2026-9074 was published Jul 8, 2026
Improper neutralization of special elements used in an SQL command ('SQL injection')... Critical Unreviewed
CVE-2026-8307 was published Jul 8, 2026
KEDA has PostgreSQL connection string parameter injection via incomplete whitespace escaping Moderate
CVE-2026-53572 was published for github.com/kedacore/keda/v2 (Go) Jul 7, 2026
mert2m Credited to mert2m
OpenRemote has Authenticated SQL Injection via Datapoint Crosstab Export High
GHSA-cgfv-jrfp-2r7v was published for io.openremote:openremote-manager (Maven) Jul 6, 2026
aramosf Credited to aramosf
Improper neutralization of special elements used in an SQL command ('SQL injection')... Critical Unreviewed
CVE-2026-4321 was published Jul 3, 2026
ProTip! Advisories are also available from the GraphQL API