CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/03/26 3:12 p.m.•0 views

CVE-2026-3306

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed a user with read access to a repository and write access to a project to modify issue and pull request metadata through the project. When adding an item to a project that already existed, column value...

5.3CVSS5.7AI score0.0003EPSS

Exploits0References1

EUVD•added 2026/03/10 6:31 p.m.•0 views

EUVD-2026-10743

5.3CVSS5.7AI score0.0003EPSS

Exploits0References7

EUVD•added 2026/03/10 6:31 p.m.•0 views

EUVD-2026-10742

5.3CVSS5.7AI score0.0003EPSS

Exploits0References7

OSV•added 2026/03/10 6:19 p.m.•2 views

CVE-2026-3306

4.3CVSS5.7AI score0.0003EPSS

Exploits0References6

NVD•added 2026/03/10 6:19 p.m.•1 views

CVE-2026-3306

5.3CVSS0.0003EPSS

Exploits0References6

Cvelist•added 2026/03/10 5:46 p.m.•23 views

CVE-2026-3306 Improper authorization in GitHub Projects allows modification of issue and pull request metadata without repository write access

5.3CVSS0.0003EPSS

Exploits0References6

Vulnrichment•added 2026/03/10 5:46 p.m.•1 views

CVE-2026-3306 Improper authorization in GitHub Projects allows modification of issue and pull request metadata without repository write access

5.3CVSS5.7AI score0.0003EPSS

Exploits0References6

CVE•added 2026/03/10 5:46 p.m.•4 views

CVE-2026-3306

CVE-2026-3306 describes an improper authorization in GitHub Enterprise Server where a user with read access to a repository and write access to a project could modify issue and pull request metadata via the project without repository write permissions being verified during column value updates. T...

5.3CVSS5.7AI score0.0003EPSS

Exploits0References6Affected Software1

CNNVD•added 2026/03/10 12:0 a.m.•6 views

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. There is a security vulnerability in GitHub Enterprise Server, which stems from...

5.3CVSS5.8AI score0.0003EPSS

Exploits0References6

Hacker One•added 2026/01/27 11:26 p.m.•4 views

GitHub: Add labels to arbitrary issues/prs & compromise github actions label checks

A vulnerability was identified that allowed a user with read access to a repository and write access to a project to modify issue and pull request metadata through the project. When adding an item to a project that already existed, column value updates were applied without verifying the actor's...

5.3CVSS5.8AI score0.0003EPSS

Exploits0

NVD•added 2025/09/05 11:15 p.m.•2 views

CVE-2025-58371

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions 3.26.6 and below, a Github workflow used unsanitized pull request metadata in a privileged context, allowing an attacker to craft malicious input and achieve Remote Code Execution RCE on the Actions runner...

9.9CVSS0.00614EPSS

Exploits0References2

Vulnrichment•added 2025/09/05 10:42 p.m.•2 views

CVE-2025-58371 Roo Code is vulnerable to command injection via GitHub actions workflow

9.9CVSS7.4AI score0.00614EPSS

Exploits0References2

Positive Technologies•added 2025/09/05 12:0 a.m.•2 views

PT-2025-36339

Name of the Vulnerable Software and Affected Versions: Roo Code versions 3.26.6 and below Description: Roo Code is an AI-powered autonomous coding agent. A Github workflow used unsanitized pull request metadata in a privileged context, allowing an attacker to achieve Remote Code Execution RCE on...

9.9CVSS7.4AI score0.00614EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by