GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,280 advisories
n8n Has Authorization Bypass in OAuth Callback via N8N_SKIP_AUTH_ON_OAUTH_CALLBACK
Moderate
CVE-2026-33720
was published
for
n8n
(npm)
Mar 25, 2026
Vikunja has Cross-Project Information Disclosure via Task Relations — Missing Authorization Check on Related Task Read
Moderate
CVE-2026-33676
was published
for
code.vikunja.io/api
(Go)
Mar 25, 2026
AVideo: Video Moderator Privilege Escalation via Ownership Transfer Enables Arbitrary Video Deletion
High
CVE-2026-33650
was published
for
wwbn/avideo
(Composer)
Mar 25, 2026
Parse Server's Session Update endpoint allows overwriting server-generated session fields
Moderate
CVE-2026-33527
was published
for
parse-server
(npm)
Mar 24, 2026
Parse Server's LiveQuery bypasses CLP pointer permission enforcement
High
CVE-2026-33421
was published
for
parse-server
(npm)
Mar 20, 2026
etcd: Nested etcd transactions bypass RBAC authorization checks
Low
CVE-2026-33343
was published
for
go.etcd.io/etcd
(Go)
Mar 20, 2026
Vikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account Disablement
High
CVE-2026-33316
was published
for
code.vikunja.io/api
(Go)
Mar 20, 2026
ProTip!
Advisories are also available from the
GraphQL API