GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check
Moderate
CVE-2026-30886
was published
for
github.com/QuantumNous/new-api
(Go)
Mar 23, 2026
ormar Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model Constructor
High
CVE-2026-27953
was published
for
ormar
(pip)
Mar 19, 2026
Statamic allows Authenticated Control Panel users to escalate privileges via elevated session bypass
High
CVE-2026-27939
was published
for
statamic/cms
(Composer)
Feb 27, 2026
ProTip!
Advisories are also available from the
GraphQL API