GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5 advisories
Statamic has Stored XSS via SVG Sanitization Bypass
High
CVE-2026-33172
was published
for
statamic/cms
(Composer)
Mar 18, 2026
StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation
Moderate
CVE-2026-32103
was published
for
studiocms
(npm)
Mar 12, 2026
StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service
High
CVE-2026-30945
was published
for
studiocms
(npm)
Mar 11, 2026
StudioCMS has Privilege Escalation via Insecure API Token Generation
High
CVE-2026-30944
was published
for
studiocms
(npm)
Mar 10, 2026
StudioCMS has Authorization Bypass Through User-Controlled Key
Moderate
CVE-2026-24134
was published
for
studiocms
(npm)
Jan 27, 2026
ProTip!
Advisories are also available from the
GraphQL API