GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
FileBrowser Public Share DELETE API Path Traversal Allows Unauthenticated Arbitrary File Deletion
Critical
CVE-2026-44542
was published
for
github.com/gtsteffaniak/filebrowser
(Go)
May 7, 2026
PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution
Moderate
CVE-2026-33623
was published
for
github.com/pinchtab/pinchtab
(Go)
Mar 24, 2026
A PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript Execution
Moderate
CVE-2026-33622
was published
for
github.com/pinchtab/pinchtab
(Go)
Mar 24, 2026
PinchTab has a Blind SSRF via browser-side redirect bypass in /download URL validation
Moderate
CVE-2026-33081
was published
for
github.com/pinchtab/pinchtab
(Go)
Mar 18, 2026
ProTip!
Advisories are also available from the
GraphQL API