GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
High
GHSA-g9rg-8vq5-mpwm
was published
for
mcp-memory-service
(pip)
Mar 7, 2026
mcp-memory-service Vulnerable to System Information Disclosure via Health Endpoint
Moderate
CVE-2026-29787
was published
for
mcp-memory-service
(pip)
Mar 5, 2026
MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers
High
CVE-2026-27826
was published
for
mcp-atlassian
(pip)
Mar 10, 2026
MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment
Critical
CVE-2026-27825
was published
for
mcp-atlassian
(pip)
Mar 10, 2026
ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
Moderate
CVE-2026-32111
was published
for
ha-mcp
(pip)
Mar 12, 2026
ha-mcp has XSS via Unescaped HTML in OAuth Consent Form
Moderate
CVE-2026-32112
was published
for
ha-mcp
(pip)
Mar 12, 2026
ProTip!
Advisories are also available from the
GraphQL API