GitHub Security Advisories

GitHub Security Advisories(GHSA)は、npm・PyPI・Maven などのオープンソース向けエコシステムで影響を受けるパッケージに対する正式な注意喚起で、多くの場合 CVE とリンクされています。 検索ボックスで GHSA や CVE を探し、エコシステムや深刻度で絞り込むか、概要文にフレーズ一致させます。

表示中 161180 / 53191 アドバイザリ
GHSA CVE 深刻度 タイプ 概要 公開
GHSA-wr4j-hg4g-74fm CVE-2026-15377 low unreviewed A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this... 2026-07-10 18:32:19 UTC
GHSA-v6x3-78p8-29hj CVE-2025-70796 high unreviewed An unauthenticated path traversal vulnerability exists in the web management interface of WTI ... 2026-07-10 18:32:19 UTC
GHSA-q58p-r45f-cjqp CVE-2026-3251 medium unreviewed Improper neutralization of input during web page generation ('cross-site scripting')... 2026-07-10 18:32:19 UTC
GHSA-j7jj-549c-j492 CVE-2026-8609 medium unreviewed An unauthenticated attacker can repeatedly call Grafana's OAuth login route with unique values,... 2026-07-10 18:32:19 UTC
GHSA-hhhx-wxgr-pj4r CVE-2026-8595 medium unreviewed A user with Editor permissions can craft a dashboard whose table (TableNG) panel contains a... 2026-07-10 18:32:19 UTC
GHSA-g6v8-8hw9-mxr9 CVE-2026-51119 critical unreviewed An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the ... 2026-07-10 18:32:19 UTC
GHSA-g4hc-6r3w-3xjp CVE-2026-15373 low unreviewed A vulnerability was detected in Eleveo Call Recording Software 9.7.0. The impacted element is an... 2026-07-10 18:32:19 UTC
GHSA-c5gr-gm67-478c CVE-2026-15375 low unreviewed A vulnerability has been found in Eleveo Call Recording Software 9.7.0. This impacts an unknown... 2026-07-10 18:32:19 UTC
GHSA-8jm8-xjp3-35hq CVE-2026-2398 high unreviewed Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd.... 2026-07-10 18:32:19 UTC
GHSA-7c75-35mf-f3w9 CVE-2026-15374 low unreviewed A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function... 2026-07-10 18:32:19 UTC
GHSA-62g6-4j9c-6v7p CVE-2026-39903 high unreviewed Simple Machines Forum 2.1 prior to 2.1.8 and 3.0 prior to 3.0 Alpha 5 contains an authorization... 2026-07-10 18:32:19 UTC
GHSA-34cr-c6hf-4xgc CVE-2026-15143 critical unreviewed A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability... 2026-07-10 18:32:19 UTC
GHSA-489g-7rxv-6c8q medium reviewed MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826) 2026-07-10 18:01:22 UTC
GHSA-jxj7-g6gm-49j7 CVE-2026-49977 medium reviewed tarteaucitron: data-cookie attribute can be used to delete arbitrary cookies 2026-07-10 16:05:00 UTC
GHSA-cwc9-cp4j-mcvv CVE-2026-49866 high reviewed libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays 2026-07-10 16:04:49 UTC
GHSA-pj8j-p4g4-4vw8 CVE-2026-49865 medium reviewed Kimai has Server-Side Request Forgery in Invoice PDF Rendering via Markdown Image URLs 2026-07-10 16:04:40 UTC
GHSA-xg8j-6m35-m6wr CVE-2026-61450 high unreviewed Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author (any admin.pages user,... 2026-07-10 15:31:42 UTC
GHSA-wrw8-384c-cg76 CVE-2026-61434 high unreviewed PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command... 2026-07-10 15:31:42 UTC
GHSA-vwv5-32vr-3jcp CVE-2026-61444 critical unreviewed PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where... 2026-07-10 15:31:42 UTC
GHSA-jxpj-m582-7727 CVE-2026-61455 high unreviewed Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract() that... 2026-07-10 15:31:42 UTC
cvelogic Threat Intelligence