GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6,244 advisories
JinJava Bypass through ForTag leads to Arbitrary Java Execution
Critical
CVE-2026-25526
was published
for
com.hubspot.jinjava:jinjava
(Maven)
Feb 3, 2026
AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion
High
CVE-2026-24400
was published
for
org.assertj:assertj-core
(Maven)
Jan 26, 2026
XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages
Moderate
CVE-2026-24128
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Jan 23, 2026
ProTip!
Advisories are also available from the
GraphQL API