GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
3 advisories
ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components
Low
CVE-2026-55671
was published
for
github.com/zitadel/zitadel
(Go)
Jun 18, 2026
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
Moderate
CVE-2026-54094
was published
for
github.com/filebrowser/filebrowser
(Go)
Jun 12, 2026
Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig)
Moderate
GHSA-6jq6-x4cx-qvcm
was published
for
grumpydictator/firefly-iii
(Composer)
Jun 12, 2026
ProTip!
Advisories are also available from the
GraphQL API