CVE-2022-0921

Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12...

CVE-2022-0482

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3...

CVE-2022-0877

Cross-site Scripting XSS - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3...

CVE-2022-35938

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been...

CVE-2024-39700

JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...

GHSA-36HM-QXXP-PG3M vulnerabilities

Vulnerabilities for packages: langfuse...

github docs 安全漏洞

github docs is a software application. A security vulnerability exists in github docs version 2.02.37 and earlier, which stems from incorrect manipulation of the parameter Username in the file com/DocSystem/mapping/UserMapper.xml, which could lead to an SQL injection attack...

(0Day) github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the createissue parameter. The issue results from the lack of...

github docs 安全漏洞

github docs is a software application. A security vulnerability exists in github docs version 2.02.36 and earlier, which stems from an incorrect manipulation of the parameter searchWord in the file src/com/DocSystem/mapping/ReposAuthMapper.xml, which could lead to an SQL injection attack...

PT-2026-1986

Name of the Vulnerable Software and Affected Versions github-kanban-mcp-server affected versions not specified Description A flaw exists in github-kanban-mcp-server that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for exploitation. The iss...

GHSA-5FP7-G646-CCF4

creationtimestamp| type| source ---|---|--- 2026-01-08 21:31:12+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115861610292219134 2026-01-10 04:02:47+00:00| published-proof-of-concept| Telegram/xCOXvC0nHIdc2RZU8QnHf4AhOuGrMPNqhpiQVHQJKZvyIjM...

@agent-native/core (>=0.4.2 <=0.28.5), @akrc/fnpm (=1.13.1) +122 more potentially affected by CVE-2025-61686 via @react-router/node (>=7.0.0 <=7.9.4-pre.0)

@react-router/node NPM version =7.0.0, =0.4.2, =0.2.3, =7.8.3-alpha.1, =0.9.1, =0.7.1, =0.1.0, =0.1.0, =0.0.1, =0.0.1-dev.8, =0.0.1-0, =0.0.1-alpha.6, =3.8.8, =2.1.0, =3.0.1 and more Source cves: CVE-2025-61686 Source advisory: OSV:GHSA-9583-H5HC-X8CW...

GHSA-3C6G-7V4G-5XCM vulnerabilities

Vulnerabilities for packages: postgresql...

CVE-2026-22253

creationtimestamp| type| source ---|---|--- 2026-01-08 17:48:11+00:00| published-proof-of-concept| https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-6jm8-x3g6-r33j...

GHSA-JF52-3F2H-H9J5

creationtimestamp| type| source ---|---|--- 2026-01-08 11:01:23+00:00| published-proof-of-concept| Telegram/2H0tuRFHJAYb3wZdMSBr18E38TWvMjuQyl8zYKGkwJ2kf8 2026-01-24 21:26:43+00:00| seen| https://gist.github.com/alon710/b58086582ecd8cde824806d1ad4c5b1c 2026-01-24 22:42:07+00:00| seen|...

CVE-2026-22043

creationtimestamp| type| source ---|---|--- 2026-01-08 03:25:35+00:00| published-proof-of-concept| https://github.com/rustfs/rustfs/security/advisories/GHSA-xgr5-qc6w-vcg9...

CVE-2025-13744

An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...

GHSA-36HM-QXXP-PG3M

creationtimestamp| type| source ---|---|--- 2026-01-08 01:59:08+00:00| seen| https://bsky.app/profile/azu.bsky.social/post/3mbuv2h3plo2x 2026-01-08 16:03:29+00:00| seen| Telegram/eK7Ikx8B4zhc3RXJcMY-EZtQzuwPO0YG4YMu0LZCUnsVEJo 2026-01-24 21:26:46+00:00| seen|...

GHSA-7VHP-VF5G-R2FW

creationtimestamp| type| source ---|---|--- 2026-01-07 23:09:29+00:00| seen| Telegram/FpDGAESLT2b6cAqL19jI0amMTjRd3R14Wu3P5pTmHCNxdqI...

GHSA-9C23-RRG9-JC89

creationtimestamp| type| source ---|---|--- 2026-01-07 20:04:29+00:00| published-proof-of-concept| Telegram/dVBBzDLnAvxAWJ1LkZD-2V6hkrnURxr4dyAmSZABM3KGIM...