GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
File Browser’s insecure JWT handling can lead to session replay attacks after logout
High
CVE-2025-53826
was published
for
github.com/filebrowser/filebrowser
(Go)
Jul 16, 2025
File Browser's password protection of links is bypassable
Low
CVE-2025-52996
was published
for
github.com/filebrowser/filebrowser
(Go)
Jun 30, 2025
OPKSSH Vulnerable to Authentication Bypass
Critical
CVE-2025-4658
was published
for
github.com/openpubkey/opkssh
(Go)
May 13, 2025
OpenPubkey Vulnerable to Authentication Bypass
Critical
CVE-2025-3757
was published
for
github.com/openpubkey/openpubkey
(Go)
May 13, 2025
Dapr API token authentication bypass in HTTP endpoints
Moderate
CVE-2023-37918
was published
for
github.com/dapr/dapr
(Go)
Jul 21, 2023
golang-nanoauth authentication bypass vulnerability
Critical
CVE-2020-36569
was published
for
github.com/nanobox-io/golang-nanoauth
(Go)
Dec 28, 2022
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server
High
CVE-2021-21403
was published
for
github.com/kongchuanhujiao/server
(Go)
Feb 15, 2022
ProTip!
Advisories are also available from the
GraphQL API