GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Kyverno apiCall automatically forwards ServiceAccount token to external endpoints (credential leak)
High
GHSA-8wfp-579w-6r25
was published
for
github.com/kyverno/kyverno
(Go)
Apr 16, 2026
Kyverno has unrestricted outbound requests in Kyverno apiCall enabling SSRF
High
GHSA-qr4g-8hrp-c4rw
was published
for
github.com/kyverno/kyverno
(Go)
Apr 14, 2026
Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction
High
CVE-2026-26960
was published
for
tar
(npm)
Feb 18, 2026
ProTip!
Advisories are also available from the
GraphQL API