GHSA-RMX9-2PP3-XHCR vulnerabilities

Vulnerabilities for packages: tekton-pipelines, tkn, tekton-chains...

GHSA-Q6V9-R226-V65F

creationtimestamp| type| source ---|---|--- 2026-05-07 04:10:29+00:00| seen| https://gist.github.com/alon710/60dab51279f6b991c4df239e6fd329b2...

GHSA-FPF5-4JW8-67X8

creationtimestamp| type| source ---|---|--- 2026-05-07 02:10:29+00:00| seen| https://gist.github.com/alon710/fbdb426cde042168e0871c7f8c96676d...

GHSA-XP3W-R5P5-63RR vulnerabilities

Vulnerabilities for packages: valkey-ldap, rustls-openssl-client, ztunnel-fips, sentry-cli, komodo, vector, deno, guestproxyagent, rustup, sccache, rpm-sequoia, bootc, typst, sqlx, sdp-k8s-injector...

GHSA-FPJQ-C37H-CQCV vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno...

CVE-2026-44009

creationtimestamp| type| source ---|---|--- 2026-05-03 21:34:48+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-9vg3-4rfj-wgcm...

Fedora 44 : GitPython (2026-9342da13e0)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9342da13e0 advisory. Fixes security defects GHSA-rpm5-65cw-6hj4, GHSA-x2qx-6953-8485, GHSA-7545-fcxq-7j24, and GHSA-v87r-6q3f-2j67. Tenable has extracted the preceding descriptio...

CVE-2026-44005

creationtimestamp| type| source ---|---|--- 2026-05-01 20:42:00+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-vwrp-x96c-mhwq...

GHSA-V898-XG3C-W4RJ vulnerabilities

Vulnerabilities for packages: glibc...

GHSA-48WR-P98V-9W5H vulnerabilities

Vulnerabilities for packages: ffmpeg...

GHSA-V4P8-MG3P-G94G vulnerabilities

Vulnerabilities for packages: litellm...

GHSA-5MFF-CXQ5-82JV vulnerabilities

Vulnerabilities for packages: firefox-esr...

Securing the git push pipeline: Responding to a critical remote code execution vulnerability

On March 4, 2026, we received a vulnerability report through our Bug Bounty program from researchers at Wiz describing a critical remote code execution vulnerability affecting github.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +20 more potentially affected by unknown CVE via openclaw (>=0.0.1 <=2026.4.2)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-J4C5-89F5-F3PM...

GHSA-28JG-CGG7-J4WC vulnerabilities

Vulnerabilities for packages: debezium-connector-spanner, debezium-connector-informix, apache-nifi, debezium, debezium-connector-ibmi...

GHSA-PMWG-CVHR-8VH7

creationtimestamp| type| source ---|---|--- 2026-04-24 22:53:42+00:00| seen| Telegram/Vx6nINpqXkyN9lWmYzg7wzzb7SobZ66OCYhgiINimz-nM3E 2026-05-05 05:40:29+00:00| seen| https://gist.github.com/alon710/1fe74fd0f0234822bdcb48ade706690f...

GHSA-6CHQ-WFR3-2HJ9

creationtimestamp| type| source ---|---|--- 2026-04-24 19:23:26+00:00| seen| Telegram/FGivxNz61ghqDj4ER4orUo942MC3d41x9N89ngSi7socZnE...

coordinated-disclosure

coordinated-disclosure A Claude Code skill + plugin marketpla...

GHSA-WG36-WVJ6-R67P vulnerabilities

Vulnerabilities for packages: composer...

GHSA-RP42-5VXX-QPWR

creationtimestamp| type| source ---|---|--- 2026-04-24 05:19:04+00:00| seen| Telegram/cyG2ZGhRnNebdsiXH3f8wG9rKkH4KFMg55z2RECZJhW1k7c...