GitHub Security Advisories

GitHub Security Advisories(GHSA)は、npm・PyPI・Maven などのオープンソース向けエコシステムで影響を受けるパッケージに対する正式な注意喚起で、多くの場合 CVE とリンクされています。 検索ボックスで GHSA や CVE を探し、エコシステムや深刻度で絞り込むか、概要文にフレーズ一致させます。

表示中 121140 / 51541 アドバイザリ
GHSA CVE 深刻度 タイプ 概要 公開
GHSA-mggp-f2j5-mm3g CVE-2026-47896 high unreviewed Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... 2026-07-03 09:31:29 UTC
GHSA-735g-4w2p-c7c6 CVE-2026-9756 medium unreviewed The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline... 2026-07-03 09:31:29 UTC
GHSA-665g-qf3w-4vf7 CVE-2026-35159 medium unreviewed Dell Client Platform BIOS contains an Authentication Bypass by Primary Weakness vulnerability. An... 2026-07-03 09:31:29 UTC
GHSA-w64h-p64p-r649 CVE-2026-11398 medium unreviewed The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is... 2026-07-03 09:31:28 UTC
GHSA-vwpr-fv2p-8c56 CVE-2026-14544 critical unreviewed A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an... 2026-07-03 09:31:28 UTC
GHSA-rh7m-r3xm-v5xg CVE-2026-8804 medium unreviewed Puppet resource_api (shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x) does... 2026-07-03 09:31:28 UTC
GHSA-ppgc-36hr-q23g CVE-2026-11900 medium unreviewed The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Insecure Direct... 2026-07-03 09:31:28 UTC
GHSA-mh45-hp98-pch7 CVE-2026-9148 high unreviewed The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... 2026-07-03 09:31:28 UTC
GHSA-m739-f9cm-66x2 CVE-2026-47898 medium unreviewed Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene... 2026-07-03 09:31:28 UTC
GHSA-j6gj-9v56-qvqx CVE-2026-9230 medium unreviewed The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable... 2026-07-03 09:31:28 UTC
GHSA-j638-4r9q-m7mm CVE-2026-11778 medium unreviewed The The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress... 2026-07-03 09:31:28 UTC
GHSA-cvjh-fmg7-m8wm CVE-2026-8351 medium unreviewed The RTMKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced... 2026-07-03 09:31:28 UTC
GHSA-6j76-xrvp-5rhc CVE-2026-47897 high unreviewed Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... 2026-07-03 09:31:28 UTC
GHSA-xq9p-gxg6-f7q6 CVE-2026-9547 unknown unreviewed When a libcurl-based application performs transfers via `SCP://` or `SFTP://` and utilizes the ... 2026-07-03 09:31:27 UTC
GHSA-vw2x-3w8j-rq82 CVE-2026-8926 unknown unreviewed When asking curl to use a `.netrc` file to find credentials and at the same time specifying a URL... 2026-07-03 09:31:27 UTC
GHSA-m7xm-hf59-w6rj CVE-2026-8932 unknown unreviewed libcurl would reuse a previously created connection even when some mTLS config related option had... 2026-07-03 09:31:27 UTC
GHSA-jr4f-4564-w3mr CVE-2026-8927 unknown unreviewed When reusing a libcurl handle for sequential transfers driven by environment-variable proxy... 2026-07-03 09:31:27 UTC
GHSA-hf34-v47h-w6m3 CVE-2026-9080 unknown unreviewed Calling `curl_easy_pause()` within the event-based `CURLMOPT_SOCKETFUNCTION` callback triggers a... 2026-07-03 09:31:27 UTC
GHSA-f4cv-xm48-3694 CVE-2026-9079 unknown unreviewed libcurl had a flaw that when instructed to clear proxy authentication credentials which made it... 2026-07-03 09:31:27 UTC
GHSA-6v72-wfcj-jv53 CVE-2026-9545 unknown unreviewed In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when... 2026-07-03 09:31:27 UTC
cvelogic Threat Intelligence