GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
6 advisories
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
Moderate
CVE-2026-54094
was published
for
github.com/filebrowser/filebrowser
(Go)
Jun 12, 2026
NocoDB: Stored Cross-Site Scripting via Row Comments
High
CVE-2026-47383
was published
for
nocodb
(npm)
Jun 5, 2026
Weblate: Privilege escalation in the user API endpoint
High
CVE-2026-34393
was published
for
weblate
(pip)
Apr 16, 2026
Weblate: SSRF via Project-Level Machinery Configuration
Moderate
CVE-2026-34244
was published
for
weblate
(pip)
Apr 16, 2026
Weblate: Arbitrary File Read via Symlink
High
CVE-2026-34242
was published
for
weblate
(pip)
Apr 16, 2026
Ferret: Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites
High
CVE-2026-34783
was published
for
github.com/MontFerret/ferret
(Go)
Apr 1, 2026
ProTip!
Advisories are also available from the
GraphQL API