GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
MantisBT has a Private Bugnote Attachment Content Leak via REST API
High
CVE-2026-42071
was published
for
mantisbt/mantisbt
(Composer)
May 11, 2026
MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API
Moderate
CVE-2026-42070
was published
for
mantisbt/mantisbt
(Composer)
May 11, 2026
MantisBT is Vulnerable to Stored XSS in Custom Field Textarea Values
Moderate
CVE-2026-39960
was published
for
mantisbt/mantisbt
(Composer)
May 11, 2026
ERB has an @_init deserialization guard bypass via def_module / def_method / def_class
High
CVE-2026-41316
was published
for
erb
(RubyGems)
Apr 24, 2026
ProTip!
Advisories are also available from the
GraphQL API