GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Flowise: Weak Default Token Hash Secret
Moderate
GHSA-m7mq-85xj-9x33
was published
for
flowise
(npm)
Apr 16, 2026
Flowise: Weak Default Express Session Secret
Moderate
GHSA-2qqc-p94c-hxwh
was published
for
flowise
(npm)
Apr 16, 2026
Flowise: Weak Default JWT Secrets
Moderate
GHSA-cc4f-hjpj-g9p8
was published
for
flowise
(npm)
Apr 16, 2026
n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no
Moderate
CVE-2026-33724
was published
for
n8n
(npm)
Mar 25, 2026
Langflow is Missing Ownership Verification in API Key Deletion (IDOR)
High
CVE-2026-33053
was published
for
langflow
(pip)
Mar 18, 2026
Flowise has Insufficient Password Salt Rounds
Moderate
GHSA-x2g5-fvc2-gqvp
was published
for
flowise
(npm)
Mar 5, 2026
NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality
Moderate
CVE-2026-24767
was published
for
nocodb
(npm)
Jan 28, 2026
ProTip!
Advisories are also available from the
GraphQL API