GitHub Security Advisories(GHSA)は、npm・PyPI・Maven などのオープンソース向けエコシステムで影響を受けるパッケージに対する正式な注意喚起で、多くの場合 CVE とリンクされています。 検索ボックスで GHSA や CVE を探し、エコシステムや深刻度で絞り込むか、概要文にフレーズ一致させます。
| GHSA | CVE | 深刻度 | タイプ | 概要 | 公開 |
|---|---|---|---|---|---|
| GHSA-hx3c-jrf3-3m7r | CVE-2026-54117 | high | unreviewed | Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code... | 2026-07-14 18:32:07 UTC |
| GHSA-c2qv-v7mm-7vwh | CVE-2026-54118 | high | unreviewed | Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code... | 2026-07-14 18:32:07 UTC |
| GHSA-ww8x-9jc5-9v7f | CVE-2026-50522 | critical | unreviewed | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker... | 2026-07-14 18:32:05 UTC |
| GHSA-79fq-78m6-5rrm | CVE-2026-50652 | high | unreviewed | Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to... | 2026-07-14 18:32:05 UTC |
| GHSA-w4pc-879w-rjww | CVE-2026-50350 | medium | unreviewed | Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface... | 2026-07-14 18:32:04 UTC |
| GHSA-vvp9-h8p2-xwfc | CVE-2025-61670 | low | reviewed | Wasmtime: Memory leak in C API with `externref` and `anyref` types | 2026-07-14 17:48:35 UTC |
| GHSA-fqc6-vqq8-5xwp | CVE-2026-9561 | high | unreviewed | Eclipse Kura versions prior to 5.6.2 trust the client-supplied X-Forwarded-For HTTP header as the... | 2026-07-14 09:31:44 UTC |
| GHSA-cxqr-jhpf-63mm | CVE-2026-12583 | high | unreviewed | The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input... | 2026-07-14 06:31:23 UTC |
| GHSA-9jpv-c7p4-997x | CVE-2026-45579 | critical | reviewed | DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input | 2026-07-13 17:20:18 UTC |
| GHSA-hcch-p97q-5wq5 | CVE-2026-59521 | high | unreviewed | Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial... | 2026-07-13 12:35:05 UTC |
| GHSA-44cw-9w57-9hv5 | CVE-2026-59518 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object... | 2026-07-13 12:35:05 UTC |
| GHSA-vj9v-j9w9-c282 | CVE-2026-57738 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object... | 2026-07-13 12:35:04 UTC |
| GHSA-hm97-5498-hwc7 | CVE-2026-57724 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection... | 2026-07-13 12:35:04 UTC |
| GHSA-7fcw-pr2j-6ff2 | CVE-2026-57744 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18... | 2026-07-13 12:35:04 UTC |
| GHSA-5c67-234g-m9jx | CVE-2026-57770 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography... | 2026-07-13 12:35:04 UTC |
| GHSA-652w-mp65-jg96 | CVE-2026-57713 | high | unreviewed | Deserialization of Untrusted Data vulnerability in Marcus (aka @msykes) Events Manager events... | 2026-07-13 12:35:03 UTC |
| GHSA-pm67-p66c-w59j | CVE-2026-57371 | high | unreviewed | Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object... | 2026-07-13 12:35:01 UTC |
| GHSA-5xq8-3g6j-ph3q | CVE-2026-58596 | high | unreviewed | Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker... | 2026-07-12 18:31:08 UTC |
| GHSA-g7vr-24c6-j32g | CVE-2026-58281 | high | unreviewed | Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized... | 2026-07-11 21:31:05 UTC |
| GHSA-vwxh-w8pq-6q99 | CVE-2026-55806 | medium | unreviewed | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Drupal Drupal core allows... | 2026-07-11 00:31:48 UTC |