GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 46
GitHub Actions: 48
Go: 3,343
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,550
Pub: 12
RubyGems: 1,013
Rust: 1,203
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
27,945 advisories
LibreNMS has a Stored XSS in Alert Rule
Moderate · CVE-2026-26989 was published for librenms/librenms (Composer) · Feb 18, 2026
LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream.
High · CVE-2026-26988 was published for librenms/librenms (Composer) · Feb 18, 2026
LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags()
Moderate · CVE-2026-27016 was published for librenms/librenms (Composer) · Feb 18, 2026
LibreNMS /port-groups name Stored Cross-Site Scripting
Moderate · CVE-2026-26992 was published for librenms/librenms (Composer) · Feb 18, 2026
LibreNMS /device-groups name Stored Cross-Site Scripting
Moderate · CVE-2026-26991 was published for librenms/librenms (Composer) · Feb 18, 2026
LibreNMS affected by reflected xss via email field
Moderate · CVE-2026-26987 was published for librenms/librenms (Composer) · Feb 18, 2026
Nokogiri does not check the return value from xmlC14NExecute
Moderate · GHSA-wx95-c6cv-8532 was published for nokogiri (RubyGems) · Feb 18, 2026
Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path
High · CVE-2026-26280 was published for systeminformation (npm) · Feb 18, 2026
Ghost has a SQL injection in Content API
Critical · CVE-2026-26980 was published for ghost (npm) · Feb 18, 2026
Improper Control of Generation of Code ('Code Injection') in @tygo-van-den-hurk/slyde
High · CVE-2026-26974 was published for @tygo-van-den-hurk/slyde (npm) · Feb 18, 2026
mingSoft MCMS does not properly restrict file uploads
Low · CVE-2026-2666 was published for net.mingsoft:ms-mcms (Maven) · Feb 18, 2026
OpenStack Nova calls qemu-img without format restrictions for resize
High · CVE-2026-24708 was published for Nova (pip) · Feb 18, 2026
Picklescan (scan_pytorch) Bypass via dynamic eval MAGIC_NUMBER
High · GHSA-97f8-7cmv-76j2 was published for picklescan (pip) · Feb 18, 2026
OpenClaw has an authentication bypass in sandbox browser bridge server
High · CVE-2026-28468 was published for openclaw (npm) · Feb 18, 2026
OpenClaw has two SSRF via sendMediaFeishu and markdown image fetching in Feishu extension
High · CVE-2026-28451 was published for openclaw (npm) · Feb 18, 2026
OpenClaw has a LFI in BlueBubbles media path handling
High · CVE-2026-29611 was published for openclaw (npm) · Feb 18, 2026
OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup
Moderate · CVE-2026-27486 was published for openclaw (npm) · Feb 18, 2026
OpenClaw Chutes manual OAuth state validation bypass can cause credential substitution
Moderate · CVE-2026-28477 was published for openclaw (npm) · Feb 18, 2026
OpenClaw: Prevent shell injection in macOS keychain credential write
High · CVE-2026-27487 was published for openclaw (npm) · Feb 18, 2026
OpenClaw has a path traversal in browser trace/download output paths may allow arbitrary file writes
High · CVE-2026-28462 was published for openclaw (npm) · Feb 18, 2026
OpenClaw has a Path Traversal in Browser Download Functionality
Moderate · CVE-2026-26972 was published for openclaw (npm) · Feb 18, 2026
Jenkins has a stored XSS vulnerability in node offline cause description
High · CVE-2026-27099 was published for org.jenkins-ci.main:jenkins-core (Maven) · Feb 18, 2026
Jenkins has a build information disclosure vulnerability through Run Parameter
Moderate · CVE-2026-27100 was published for org.jenkins-ci.main:jenkins-core (Maven) · Feb 18, 2026
NVIDIA NeMo Framework Deserializes Untrusted Data
High · CVE-2025-33253 was published for nemo-toolkit (pip) · Feb 18, 2026
ProTip! Advisories are also available from the GraphQL API