GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex
High
CVE-2026-41059
was published
for
github.com/oauth2-proxy/oauth2-proxy/v7
(Go)
Apr 15, 2026
@fastify/express vulnerable to Improper Handling of URL Encoding (Hex Encoding)
High
CVE-2026-22037
was published
for
@fastify/express
(npm)
Jan 20, 2026
Fastify Middie Middleware Path Bypass
High
CVE-2026-22031
was published
for
@fastify/middie
(npm)
Jan 20, 2026
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User
High
CVE-2023-32079
was published
for
github.com/gravitl/netmaker
(Go)
Aug 25, 2023
Netmaker IDOR Allows User to Update Other User's Password
High
CVE-2023-32078
was published
for
github.com/gravitl/netmaker
(Go)
Aug 25, 2023
Netmaker has Hardcoded DNS Secret Key
High
CVE-2023-32077
was published
for
github.com/gravitl/netmaker
(Go)
Aug 25, 2023
Open Redirect in OAuth2 Proxy
High
CVE-2020-11053
was published
for
github.com/oauth2-proxy/oauth2-proxy
(Go)
Dec 20, 2021
ProTip!
Advisories are also available from the
GraphQL API