GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8,810 advisories
AVideo: CSRF on Player Skin Configuration via admin/playerUpdate.json.php
Moderate
CVE-2026-35181
was published
for
wwbn/avideo
(Composer)
Apr 3, 2026
OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode
Moderate
GHSA-mhr7-2xmv-4c4q
was published
for
openclaw
(npm)
Apr 3, 2026
AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins
Moderate
CVE-2026-34613
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All Users
Moderate
CVE-2026-34611
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking
High
CVE-2026-34394
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
Admidio has CSRF and Form Validation Bypass in Inventory Item Save via `imported` Parameter
Moderate
CVE-2026-34383
was published
for
admidio/admidio
(Composer)
Mar 31, 2026
Admidio has Missing CSRF Protection on Registration Approval Actions
Moderate
CVE-2026-34384
was published
for
admidio/admidio
(Composer)
Mar 31, 2026
Admidio has Missing CSRF Protections on Custom List Deletion in mylist_function.php
Moderate
CVE-2026-34382
was published
for
admidio/admidio
(Composer)
Mar 31, 2026
AVideo's GET-Based CSRF in setPermission.json.php Enables Privilege Escalation via Arbitrary Permission Modification
High
CVE-2026-33649
was published
for
wwbn/avideo
(Composer)
Mar 25, 2026
ProTip!
Advisories are also available from the
GraphQL API