**GitHub 安全公告(GHSA)** 是針對易受攻擊的開源套件與生態(如 npm、PyPI、Maven)的權威通告,通常關聯 **CVE**。 使用搜尋框尋找 GHSA 或 CVE,依生態或嚴重度篩選,或在摘要中比對片語。
| GHSA | CVE | 嚴重度 | 類型 | 摘要 | 公開時間 |
|---|---|---|---|---|---|
| GHSA-f4rh-8hh9-hc4p | CVE-2026-57813 | critical | unreviewed | Incorrect Privilege Assignment vulnerability in properfraction MailOptin mailoptin allows... | 2026-07-13 12:35:05 UTC |
| GHSA-crv4-3fgg-f4cf | CVE-2026-57812 | medium | unreviewed | Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule... | 2026-07-13 12:35:05 UTC |
| GHSA-cg2w-cg9j-gmmp | CVE-2026-57816 | high | unreviewed | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... | 2026-07-13 12:35:05 UTC |
| GHSA-9h7h-8vpv-wqjf | CVE-2026-61955 | high | unreviewed | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... | 2026-07-13 12:35:05 UTC |
| GHSA-9grp-f7qg-6m8w | CVE-2026-61956 | high | unreviewed | Cross-Site Request Forgery (CSRF) vulnerability in hamsalam ووسلام – همگام سازی ووکامرس و... | 2026-07-13 12:35:05 UTC |
| GHSA-9c43-4m2w-p54m | CVE-2026-57799 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-8929-hx95-2hwj | CVE-2026-57804 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-7pcc-hrvx-j227 | CVE-2026-57791 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-6hg9-36gc-wphg | CVE-2026-59516 | high | unreviewed | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... | 2026-07-13 12:35:05 UTC |
| GHSA-59wc-27pm-mx9p | CVE-2026-59515 | critical | unreviewed | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... | 2026-07-13 12:35:05 UTC |
| GHSA-4xqx-fh48-pw49 | CVE-2026-61952 | medium | unreviewed | Missing Authorization vulnerability in Jose Vega WooCommerce Bulk Edit Products – WP Sheet Editor... | 2026-07-13 12:35:05 UTC |
| GHSA-4w75-4w83-g4vf | CVE-2026-57814 | high | unreviewed | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... | 2026-07-13 12:35:05 UTC |
| GHSA-44cw-9w57-9hv5 | CVE-2026-59518 | critical | unreviewed | Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object... | 2026-07-13 12:35:05 UTC |
| GHSA-3f56-258r-mg3f | CVE-2026-57789 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-379x-gfrj-jr3p | CVE-2026-57800 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-28q2-4852-69x5 | CVE-2026-57792 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-23pf-3ffj-v774 | CVE-2026-57803 | high | unreviewed | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... | 2026-07-13 12:35:05 UTC |
| GHSA-wwgx-g3xj-467p | CVE-2026-57779 | medium | unreviewed | Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting... | 2026-07-13 12:35:04 UTC |
| GHSA-vp4p-g3h9-9pc8 | CVE-2026-57733 | high | unreviewed | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... | 2026-07-13 12:35:04 UTC |
| GHSA-vmvq-4mm3-7wv5 | CVE-2026-57745 | high | unreviewed | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... | 2026-07-13 12:35:04 UTC |