GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
Zitadel has a user enumeration vulnerability in Login UIs
Moderate
CVE-2026-23511
was published
for
github.com/zitadel/zitadel
(Go)
Jan 15, 2026
Zitadel Discloses the Total Number of Instance Users
Moderate
CVE-2025-67717
was published
for
github.com/zitadel/zitadel
(Go)
Dec 10, 2025
ZITADEL is vulnerable to Account Takeover with deactivated Instance IdP
High
CVE-2025-64717
was published
for
github.com/zitadel/zitadel
(Go)
Nov 14, 2025
Zitadel May Bypass Second Authentication Factor
High
CVE-2025-64103
was published
for
github.com/zitadel/zitadel
(Go)
Oct 29, 2025
Zitadel allows brute-forcing authentication factors
High
CVE-2025-64102
was published
for
github.com/zitadel/zitadel
(Go)
Oct 29, 2025
ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection
High
CVE-2025-64101
was published
for
github.com/zitadel/zitadel/v2
(Go)
Oct 29, 2025
ProTip!
Advisories are also available from the
GraphQL API