GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
flarum/nicknames extension has display name injection in notification emails (autolink & markdown)
Moderate
CVE-2026-30913
was published
for
flarum/nicknames
(Composer)
Mar 10, 2026
Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite
Moderate
CVE-2025-27794
was published
for
flarum/core
(Composer)
Mar 12, 2025
Flarum's logout Route allows open redirects
Moderate
CVE-2024-21641
was published
for
flarum/core
(Composer)
Jan 5, 2024
ProTip!
Advisories are also available from the
GraphQL API