GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9 advisories
FoodCoopShop Server-Side Request Forgery vulnerability
High
CVE-2023-46725
was published
for
foodcoopshop/foodcoopshop
(Composer)
Nov 2, 2023
Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem
Critical
CVE-2021-32708
was published
for
league/flysystem
(Composer)
Jun 29, 2021
Craft CMS Race condition in Token Service potentially allows for token usage greater than the token limit
Moderate
CVE-2026-27128
was published
for
craftcms/cms
(Composer)
Feb 23, 2026
Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding
High
CVE-2026-27127
was published
for
craftcms/cms
(Composer)
Feb 23, 2026
Sylius has a Promotion Usage Limit Bypass via Race Condition
High
CVE-2026-31824
was published
for
sylius/sylius
(Composer)
Mar 11, 2026
ProTip!
Advisories are also available from the
GraphQL API