29579 matches found
GHSA-W88V-VQHQ-5P24
creationtimestamp | type | source
---|---|---
2026-04-06 17:32:38+00:00 | seen | Telegram/n5Nok-XlRHEre5O89LvYLplT02rw8wZYprnGR4USXlLgM...
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea. The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows...
CVE-2026-39365
creationtimestamp | type | source
---|---|---
2026-04-06 12:13:21+00:00 | published-proof-of-concept | https://github.com/vitejs/vite/security/advisories/GHSA-4w7w-66w2-5vf9
2026-04-06 12:13:21+00:00 | published-proof-of-concept | https://github.com/vitejs/vite/security/advisories/GHSA-4w7w-66w2-5vf9...
github-repo-scanner
No d...
GHSA-QV7J-4883-HWH7 vulnerabilities
Vulnerabilities for packages: gitlab-cng, gitlab-rails-ce-fips, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, ruby3.2-rack, ruby3.4-rack, ruby3.4-rails, ruby4.0-rack, kube-fluentd-operator, pact-broker-docker, gitlab-rails-ce, logstash...
GHSA-VGPV-F759-9WX3 vulnerabilities
Vulnerabilities for packages: gitlab-cng, gitlab-rails-ce-fips, pact-broker-docker-fips, ruby3.2-rails, ruby3.3-rack, ruby3.2-rack, ruby3.4-rack, ruby3.4-rails, ruby4.0-rack, kube-fluentd-operator, pact-broker-docker, gitlab-rails-ce, logstash...
LLM-Enabled Open-Source Systems in the Wild: An Empirical Study of Vulnerabilities in GitHub Security Advisories
Large language models (LLMs) are increasingly embedded in open-source software (OSS) ecosystems, creating complex interactions among natural language prompts, probabilistic model outputs, and execution-capable components. However, it remains unclear whether traditional vulnerability disclosure...
GHSA-6P2J-742G-835F actions-mkdocs: Command Injection via issue title in internal GitHub Actions workflow
Summary External input from github.event.issue.title is used unsafely in a shell command in .github/workflows/release-candidate.yaml, allowing command injection during workflow execution. Details In .github/workflows/release-candidate.yaml, the issue title is interpolated directly into a shell...
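How that interpolation becomes command injection, as an added example that is not the advisory's or the actions-mkdocs project's code: the script below mimics the runner's `${{ }}` expansion (plain text substitution before the shell parses the step), runs a vulnerable and a hardened `run:` line against a constructed issue title, and includes a small check that flags `run:` scripts referencing `github.event.*` inline. The two step lines, the title and the check are illustrative assumptions, not the workflow's real contents.

```python
"""Added example (not the advisory's or actions-mkdocs' own code):
why `${{ github.event.issue.title }}` inside a `run:` step is command
injection, and why moving the value into `env:` fixes it."""
import os
import re
import subprocess

# Constructed attacker-controlled issue title: closes the quoted string,
# runs an extra command, then re-opens a quote so the line still parses.
ISSUE_TITLE = 'Release 1.2.3"; echo INJECTED; echo "'

# Hypothetical `run:` lines standing in for the real workflow step.
VULNERABLE_STEP = 'echo "Preparing release for: ${{ github.event.issue.title }}"'
HARDENED_STEP = 'echo "Preparing release for: $TITLE"'


def expand_expressions(step: str, ctx: dict) -> str:
    """Mimic the runner: `${{ expr }}` is replaced as plain text *before*
    the rendered script is handed to the shell, so quotes and semicolons
    in the value become shell syntax."""
    out = step
    for key, value in ctx.items():
        out = out.replace("${{ " + key + " }}", value)
    return out


def run_step(script: str, extra_env=None) -> str:
    """Run a rendered step with sh and return its stdout."""
    env = dict(os.environ)
    env.update(extra_env or {})
    result = subprocess.run(["sh", "-c", script], capture_output=True,
                            text=True, env=env)
    return result.stdout


def vulnerable(title: str) -> str:
    script = expand_expressions(VULNERABLE_STEP,
                                {"github.event.issue.title": title})
    return run_step(script)


def hardened(title: str) -> str:
    # The expression is expanded into an environment variable; the script
    # text never changes, and "$TITLE" is one quoted word to sh.
    return run_step(HARDENED_STEP, {"TITLE": title})


UNSAFE_INLINE = re.compile(r"\$\{\{\s*github\.event\.[^}]*\}\}")


def inline_event_refs(run_script: str) -> list:
    """Return `${{ github.event.* }}` expressions used inline in a run
    script; each one is a candidate injection sink."""
    return UNSAFE_INLINE.findall(run_script)


if __name__ == "__main__":
    print("vulnerable:", repr(vulnerable(ISSUE_TITLE)))
    print("hardened:  ", repr(hardened(ISSUE_TITLE)))
    print("flagged:   ", inline_event_refs(VULNERABLE_STEP))
```

In the workflow itself the equivalent change is to move the expression into the step's `env:` block (`TITLE: ${{ github.event.issue.title }}`) and reference `"$TITLE"` from `run:`; the vulnerable form prints a separate `INJECTED` line, the hardened form prints the title verbatim.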
GHSA-9WFR-W7MM-PC7F
creationtimestamp | type | source
---|---|---
2026-04-04 01:18:49+00:00 | seen | Telegram/Wq2MikHHjaMT3QcZYic1EqOjYlzbZBeR3fuLUZ6lQSb49CA...
GHSA-67JX-R9PV-98RJ
creationtimestamp | type | source
---|---|---
2026-04-03 19:24:00+00:00 | published-proof-of-concept | Telegram/l2CWtN20f6D8WOiAClhqJgrdc6BQljDZCBDw2ZgpHM67Hss...
Do not get high(jacked) off your own supply (chain)
In the span of just a few weeks, we have observed a dizzying array of major supply chain attacks. Prominent examples include the malicious modification of Axios, a popular HTTP client library for JavaScript, as well as cascading compromises from TeamPCP, a "chaos-as-a-service" group that injected...
GHSA-GJW9-34GF-RP6M
creationtimestamp | type | source
---|---|---
2026-04-03 17:26:40+00:00 | published-proof-of-concept | Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0...
GHSA-RWW4-4W9C-7733
creationtimestamp | type | source
---|---|---
2026-04-03 17:26:40+00:00 | published-proof-of-concept | Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0...
North Korean Hackers Abuse GitHub to Spy on South Korean Firms
Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean…
CVE-2026-33544
Tinyauth is an authentication and authorization server. Prior to version 5.0.5, all three OAuth service implementations (GenericOAuthService, GithubOAuthService, GoogleOAuthService) store PKCE verifiers and access tokens as mutable struct fields on singleton instances shared across all concurrent...
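Why a verifier or token kept on a shared singleton is a cross-user problem, as an added example that is not Tinyauth's code (Tinyauth is written in Go; the pattern is shown here in Python with a constructed stand-in provider): two logins that overlap make the second `begin` overwrite the first user's PKCE verifier, so the first callback fails its S256 check, and a token stored on the same object is readable by whichever request runs next. The per-flow variant keys the verifier by the OAuth `state` and returns the token to the caller instead of keeping it on the service. Class and method names are illustrative assumptions.

```python
"""Added example (not Tinyauth's own code): PKCE verifier and access token
as one mutable attribute on a shared service object versus per-flow state."""
import base64
import hashlib
import secrets


def pkce_challenge(verifier: str) -> str:
    """S256 code_challenge for a verifier (RFC 7636)."""
    digest = hashlib.sha256(verifier.encode()).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


class FakeProvider:
    """Constructed stand-in for the upstream IdP: binds each code to the
    challenge it was issued for and refuses an exchange whose verifier
    does not hash to that challenge."""

    def __init__(self):
        self._codes = {}

    def authorize(self, challenge: str, user: str) -> str:
        code = secrets.token_urlsafe(8)
        self._codes[code] = (challenge, user)
        return code

    def exchange(self, code: str, verifier):
        challenge, user = self._codes.pop(code)
        if verifier is None or pkce_challenge(verifier) != challenge:
            return None
        return "token-for-" + user


class SharedStateService:
    """Vulnerable shape: one verifier and one token per *service object*."""

    def __init__(self, provider):
        self.provider = provider
        self.verifier = None
        self.access_token = None

    def begin(self) -> str:
        self.verifier = secrets.token_urlsafe(32)      # clobbers any flow in progress
        return pkce_challenge(self.verifier)

    def finish(self, code: str):
        self.access_token = self.provider.exchange(code, self.verifier)
        return self.access_token


class PerFlowService:
    """Fixed shape: verifier stored per flow under its OAuth state; the
    token goes back to the caller's own session, not onto the service."""

    def __init__(self, provider):
        self.provider = provider
        self._flows = {}

    def begin(self):
        state = secrets.token_urlsafe(16)
        verifier = secrets.token_urlsafe(32)
        self._flows[state] = verifier
        return state, pkce_challenge(verifier)

    def finish(self, state: str, code: str):
        return self.provider.exchange(code, self._flows.pop(state, None))


def interleaved_shared() -> dict:
    """Alice starts, Bob starts, Alice's callback arrives, then Bob's."""
    provider = FakeProvider()
    svc = SharedStateService(provider)
    code_alice = provider.authorize(svc.begin(), "alice")
    code_bob = provider.authorize(svc.begin(), "bob")   # overwrites Alice's verifier
    alice_login = svc.finish(code_alice)                # S256 mismatch -> None
    bob_login = svc.finish(code_bob)
    # Alice's next request reads the shared field and sees Bob's token.
    return {"alice_login": alice_login, "bob_login": bob_login,
            "alice_sees": svc.access_token}


def interleaved_per_flow() -> dict:
    """Same interleaving against the per-flow service."""
    provider = FakeProvider()
    svc = PerFlowService(provider)
    state_a, challenge_a = svc.begin()
    state_b, challenge_b = svc.begin()
    code_alice = provider.authorize(challenge_a, "alice")
    code_bob = provider.authorize(challenge_b, "bob")
    return {"alice_login": svc.finish(state_a, code_alice),
            "bob_login": svc.finish(state_b, code_bob)}
```

The shared-state run returns `None` for Alice and hands her Bob's token afterwards; the per-flow run logs both users in with their own tokens. In a real server the per-flow map also needs an expiry so abandoned `state` entries do not accumulate.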
CVE-2026-27124
FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not...
GHSA-9M44-RR2W-PPP7
creationtimestamp | type | source
---|---|---
2026-04-03 15:23:03+00:00 | seen | Telegram/DMrtbPbyVuvJyzUNlrr2TA99ljgvsTw1ZTHgoXyjyFD12Ec...
CVE-2026-27124
CVE-2026-27124 describes a Confused Deputy vulnerability in the FastMCP OAuthProxy used with the GitHubProvider OAuth integration. Prior to version 3.2.0, the OAuthProxy does not properly validate user consent after receiving the GitHub authorization code, and combined with GitHub’s consent-page ...
CVE-2026-27124 FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities
FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not...
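The confused-deputy shape behind CVE-2026-27124, as an added example that is not FastMCP's code: a minimal OAuth proxy fronts an upstream IdP under one static app registration. Because the upstream remembers that the user already approved the proxy's app, later flows return an authorization code without any prompt; if the proxy's callback then forwards that code to whichever downstream client opened the transaction, a client an attacker registered with an attacker-controlled redirect URI harvests victims' codes. The mitigation modelled here, a proxy-side consent record per `(client_id, redirect_uri)` that is checked before the code is released, is an assumption for the example and not a description of FastMCP's actual patch; all names and URLs are constructed.

```python
"""Added example (not FastMCP's own code): an OAuth proxy callback that
releases the upstream code without checking that the user consented to
the downstream client, beside one that holds the code until they do."""
import secrets
from dataclasses import dataclass, field


@dataclass
class BrowserSession:
    user: str
    # downstream (client_id, redirect_uri) pairs this user approved at the proxy
    approved: set = field(default_factory=set)


def upstream_issue_code(session: BrowserSession) -> str:
    """Constructed stand-in for the upstream IdP: the user approved the
    proxy's app once, so no consent page is shown and a code comes back."""
    return "code-" + secrets.token_hex(4)


class OAuthProxy:
    def __init__(self, require_consent: bool):
        self.require_consent = require_consent
        self.clients = {}   # client_id -> registered redirect_uri (dynamic registration)
        self.txns = {}      # upstream state -> (client_id, redirect_uri, client_state)
        self.held = {}      # upstream state -> code awaiting user consent

    def register_client(self, redirect_uri: str) -> str:
        client_id = "c-" + secrets.token_hex(4)
        self.clients[client_id] = redirect_uri
        return client_id

    def authorize(self, client_id: str, redirect_uri: str, client_state: str) -> str:
        if self.clients.get(client_id) != redirect_uri:
            raise ValueError("redirect_uri not registered for client")
        upstream_state = secrets.token_urlsafe(16)
        self.txns[upstream_state] = (client_id, redirect_uri, client_state)
        return upstream_state        # sent upstream as `state`

    def upstream_callback(self, session: BrowserSession, upstream_state: str,
                          code: str) -> dict:
        client_id, redirect_uri, client_state = self.txns[upstream_state]
        if self.require_consent and (client_id, redirect_uri) not in session.approved:
            # Hold the code server-side; nothing leaves until THIS client is approved.
            self.held[upstream_state] = code
            return {"action": "consent_page", "client_id": client_id,
                    "redirect_uri": redirect_uri}
        del self.txns[upstream_state]
        return {"action": "redirect", "to": redirect_uri,
                "code": code, "state": client_state}

    def approve(self, session: BrowserSession, upstream_state: str) -> dict:
        """The user clicked approve on the proxy's own consent page."""
        client_id, redirect_uri, _ = self.txns[upstream_state]
        session.approved.add((client_id, redirect_uri))
        return self.upstream_callback(session, upstream_state,
                                      self.held.pop(upstream_state))


ATTACKER_URI = "https://attacker.example/cb"   # constructed


def attack(require_consent: bool) -> dict:
    """Attacker registers a client, crafts the authorize link, victim opens it."""
    proxy = OAuthProxy(require_consent)
    evil_client = proxy.register_client(ATTACKER_URI)
    upstream_state = proxy.authorize(evil_client, ATTACKER_URI, "attacker-state")
    victim = BrowserSession("victim")
    code = upstream_issue_code(victim)      # no prompt: proxy app already approved upstream
    return proxy.upstream_callback(victim, upstream_state, code)


def legitimate(require_consent: bool = True) -> dict:
    """A real client's flow against the consent-checking proxy."""
    proxy = OAuthProxy(require_consent)
    uri = "http://localhost:1234/callback"
    client = proxy.register_client(uri)
    upstream_state = proxy.authorize(client, uri, "s1")
    user = BrowserSession("alice")
    first = proxy.upstream_callback(user, upstream_state, upstream_issue_code(user))
    if first["action"] == "consent_page":
        return proxy.approve(user, upstream_state)
    return first
```

With `require_consent=False` the victim's browser is redirected to `ATTACKER_URI` carrying a valid code; with it on, the same request yields a consent page naming the attacker's client and redirect URI and no code is released, while a legitimate client still completes after the user approves it once.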