GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
phpMyFAQ has a LIKE Wildcard Injection in Search.php — Unescaped % and _ Metacharacters Enable Broad Content Disclosure
Moderate
CVE-2026-34973
was published
for
thorsten/phpmyfaq
(Composer)
Apr 1, 2026
ewe Has Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Request/Response Splitting)
Moderate
CVE-2026-34715
was published
for
ewe
(Erlang)
Apr 1, 2026
AVideo has Plaintext Video Password Storage
Critical
CVE-2026-33867
was published
for
wwbn/avideo
(Composer)
Mar 26, 2026
AVideo has SQL Injection in category.php fixCleanTitle() via Unparameterized clean_title and id Variables
High
CVE-2026-33770
was published
for
wwbn/avideo
(Composer)
Mar 26, 2026
AVideo has SQL Injection via Partial Prepared Statement — videos_id Concatenated Directly into Query
High
CVE-2026-33767
was published
for
wwbn/avideo
(Composer)
Mar 26, 2026
OpenClaw's shell env fallback trusts unvalidated SHELL path from host environment
High
CVE-2026-32032
was published
for
openclaw
(npm)
Mar 3, 2026
OpenClaw safeBins grep -e File Read Bypass (stdin-only policy bypass)
Moderate
CVE-2026-32022
was published
for
openclaw
(npm)
Mar 3, 2026
ProTip!
Advisories are also available from the
GraphQL API