Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML() Critical
CVE-2026-54158 was published for github.com/siyuan-note/siyuan/kernel (Go) Jul 10, 2026
hillalee Credited to hillalee
SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet() Critical
CVE-2026-54067 was published for github.com/siyuan-note/siyuan/kernel (Go) Jul 10, 2026
hillalee Credited to hillalee
Better Auth has stored XSS in the auth-server origin via javascript: redirect_uri in oidc-provider and mcp High
GHSA-86j7-9j95-vpqj was published for better-auth (npm) Jul 7, 2026
hillalee Credited to hillalee
LinkifyIt#match scan loop has quadratic algorithmic complexity High
CVE-2026-48801 was published for linkify-it (npm) Jun 26, 2026
hillalee Credited to hillalee
ProTip! Advisories are also available from the GraphQL API