GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
16,703 advisories
OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals
High
CVE-2026-35470
was published
for
devcode-it/openstamanager
(Composer)
Apr 3, 2026
OpenSTAManager: SQL Injection via Aggiornamenti Module
High
CVE-2026-35168
was published
for
devcode-it/openstamanager
(Composer)
Apr 3, 2026
PraisonAI Has Second-Order SQL Injection in `get_all_user_threads`
Critical
CVE-2026-34934
was published
for
praisonai
(pip)
Apr 1, 2026
Payload has an SQL Injection via Query Handling
High
CVE-2026-34747
was published
for
payload
(npm)
Apr 1, 2026
OpenSTAManager has a Time-Based Blind SQL Injection via `options[stato]` Parameter
High
CVE-2026-28805
was published
for
devcode-it/openstamanager
(Composer)
Apr 1, 2026
SciTokens is vulnerable to SQL Injection in KeyCache
Critical
CVE-2026-32714
was published
for
scitokens
(pip)
Mar 31, 2026
Fleet vulnerable to SQL Injection in MDM bootstrap package by authenticated team or global admin
Moderate
CVE-2026-34386
was published
for
github.com/fleetdm/fleet/v4
(Go)
Mar 30, 2026
Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database
Moderate
CVE-2026-34385
was published
for
github.com/fleetdm/fleet/v4
(Go)
Mar 30, 2026
MikroORM is vulnerable to SQL Injection via specially crafted object
Critical
CVE-2026-34220
was published
for
@mikro-orm/core
(npm)
Mar 29, 2026
ProTip!
Advisories are also available from the
GraphQL API