CVE-2026-38361

creationtimestamp| type| source ---|---|--- 2026-05-07 15:00:05+00:00| seen| https://t.me/GithubRedTeam/83224 2026-05-07 23:00:14+00:00| seen| Telegram/oaX1QMYGY6U2VLr3GbuHtJDEm63hpjXfJZtZ3v8CfS2o2Y 2026-05-08 03:00:06+00:00| seen| Telegram/xvoYgOFnUf5jFw65bW2FC7fcn6orx4l4LTjm0d68ZkOEzo 2026-05-0...

CVE-2026-45090

creationtimestamp| type| source ---|---|--- 2026-05-07 13:30:22+00:00| published-proof-of-concept| https://github.com/hahwul/dalfox/security/advisories/GHSA-2g4x-fq3j-cgq4...

CVE-2026-45088

creationtimestamp| type| source ---|---|--- 2026-05-07 13:30:22+00:00| published-proof-of-concept| https://github.com/hahwul/dalfox/security/advisories/GHSA-35wr-x7v6-9fv2...

CVE-2026-34847

creationtimestamp| type| source ---|---|--- 2026-05-07 11:30:53+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-34847.yaml...

CVE-2026-44346

creationtimestamp| type| source ---|---|--- 2026-05-07 10:39:30+00:00| published-proof-of-concept| https://github.com/bentoml/BentoML/security/advisories/GHSA-w2pm-x38x-jp44...

GHSA-Q6V9-R226-V65F

creationtimestamp| type| source ---|---|--- 2026-05-07 04:10:29+00:00| seen| https://gist.github.com/alon710/60dab51279f6b991c4df239e6fd329b2...

GHSA-FPF5-4JW8-67X8

creationtimestamp| type| source ---|---|--- 2026-05-07 02:10:29+00:00| seen| https://gist.github.com/alon710/fbdb426cde042168e0871c7f8c96676d...

CVE-2026-42459

creationtimestamp| type| source ---|---|--- 2026-05-07 02:09:58+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-585v-hcgf-jhfr...

GHSA-V2V4-37R5-5V8G vulnerabilities

Vulnerabilities for packages: code-server, kubeflow-pipelines, sqlpad, tileserver-gl, opensearch-dashboards, npm, langfuse, renovate, pulumi, lerna, saf, prism...

CVE-2026-42082

creationtimestamp| type| source ---|---|--- 2026-05-07 01:56:13+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-vrrx-58h3-prmh...

CVE-2026-42081

creationtimestamp| type| source ---|---|--- 2026-05-07 01:53:47+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-77x9-rf64-92gv...

CVE-2026-44318

creationtimestamp| type| source ---|---|--- 2026-05-07 01:13:49+00:00| published-proof-of-concept| https://github.com/free5gc/free5gc/security/advisories/GHSA-27ph-8q4f-h7m7...

[SECURITY] Fedora 44 Update: gh-2.92.0-1.fc44

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...

Heimdallr: Characterizing and Detecting LLM-Induced Security Risks in GitHub CI Workflows

GitHub Continuous Integration CI workflows increasingly integrate Large Language Models LLMs to automate review, triage, content generation, and repository maintenance. This creates a new attack surface: externally controllable workflow inputs can shape LLM prompts and outputs, which may in turn...

PT-2026-38588

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An authentication bypass allows an unauthenticated attacker to create a local user account, bypassing the configured external identity provider. When external authentication is enable...

PT-2026-38593

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An unauthenticated attacker can cause service disruption by sending crafted requests containing deeply nested JSON payloads to an unauthenticated API endpoint. The endpoint parses...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

GitHub Enterprise Server 访问控制错误漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was an access control...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

Demystifying and Detecting Agentic Workflow Injection Vulnerabilities in GitHub Actions

GitHub Actions is increasingly used to deploy LLM-based agents for repository-centric tasks such as issue triage, pull-request review, code modification, and release assistance. These agentic workflows extend traditional CI/CD automation with agentic capabilities but also create a new injection...