GitHub Security Advisories (GHSA) are authoritative notices for vulnerable open-source packages and ecosystems (for example npm, PyPI, or Maven), usually with a linked CVE. Use the search box to find a GHSA or CVE, narrow by ecosystem or severity, or match phrases in the summary.
| GHSA | CVE | Severity | Type | Summary | Published |
|---|---|---|---|---|---|
| GHSA-c6wm-vgr9-6gqx | CVE-2026-15204 | medium | unreviewed | A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415_B20250515/9.1.0cu.2350_B20230313.... | 2026-07-09 18:31:53 UTC |
| GHSA-8h66-74hr-gcf7 | CVE-2026-15202 | low | unreviewed | A security vulnerability has been detected in YzmCMS up to 7.5. Affected is the function get_url... | 2026-07-09 18:31:53 UTC |
| GHSA-7793-hmg3-gh57 | CVE-2026-61343 | high | unreviewed | LibreBooking's email template editor save action passes the submitted template name directly into... | 2026-07-09 18:31:53 UTC |
| GHSA-3q6q-8gwq-hrm6 | CVE-2026-61344 | medium | unreviewed | The Superior Court of California Hearing Reminder Service at https://www.hrs.courts.ca.gov... | 2026-07-09 18:31:53 UTC |
| GHSA-xcpq-fjmw-996v | CVE-2026-51604 | high | unreviewed | A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1... | 2026-07-09 18:31:52 UTC |
| GHSA-vmqq-vpj5-fgxw | CVE-2026-51603 | high | unreviewed | A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1... | 2026-07-09 18:31:52 UTC |
| GHSA-qc6r-wrm6-23pm | CVE-2026-53987 | high | unreviewed | The Tag plugin for GLPI 11 before 2.14.4 stores the tag name without HTML sanitization and... | 2026-07-09 18:31:52 UTC |
| GHSA-pgqw-x8wr-7q7m | CVE-2026-51601 | unknown | unreviewed | Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service.... | 2026-07-09 18:31:52 UTC |
| GHSA-g3rw-v45p-h99c | CVE-2026-51598 | medium | unreviewed | An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build... | 2026-07-09 18:31:52 UTC |
| GHSA-chqm-m3x4-h3rh | CVE-2026-51600 | high | unreviewed | Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP... | 2026-07-09 18:31:52 UTC |
| GHSA-c38f-3577-frmw | CVE-2026-51599 | unknown | unreviewed | An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5... | 2026-07-09 18:31:52 UTC |
| GHSA-9ppp-4252-fggq | CVE-2026-51605 | high | unreviewed | A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1... | 2026-07-09 18:31:52 UTC |
| GHSA-55vc-29g2-vffg | CVE-2026-51602 | high | unreviewed | A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1... | 2026-07-09 18:31:52 UTC |
| GHSA-4gxm-xgrj-8mg2 | CVE-2026-51606 | high | unreviewed | An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9... | 2026-07-09 18:31:52 UTC |
| GHSA-2hhc-4hqc-4mg8 | CVE-2026-58459 | high | unreviewed | gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability... | 2026-07-09 18:31:52 UTC |
| GHSA-xh76-qhvp-prh8 | CVE-2026-23562 | critical | unreviewed | [This CNA information record relates to multiple CVEs; the text explains which aspects... | 2026-07-09 18:31:51 UTC |
| GHSA-x9x8-26mr-9wmm | CVE-2026-61474 | medium | unreviewed | An improper authorization check in MISP’s attribute creation endpoint allowed an authenticated... | 2026-07-09 18:31:51 UTC |
| GHSA-wpmg-2gv8-722g | CVE-2026-13462 | high | unreviewed | PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows... | 2026-07-09 18:31:51 UTC |
| GHSA-qcqf-phv4-c959 | CVE-2026-15192 | medium | unreviewed | A vulnerability has been found in mettle sendportal up to 3.0.1. This issue affects the function... | 2026-07-09 18:31:51 UTC |
| GHSA-g8qr-vqpc-qjpw | CVE-2026-13461 | unknown | unreviewed | When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the... | 2026-07-09 18:31:51 UTC |