Most recent entries from github

https://0.0.0.0:10001/rss/recent/github/10 Most recent entries from github 2026-05-13T17:02:59.697481+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent entries. https://0.0.0.0:10001/vuln/ghsa-m2m6-cff5-3w7c ghsa-m2m6-cff5-3w7c 2026-04-24T15:36:52+00:00 RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions

RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions

2026-04-24T15:36:52+00:00 https://0.0.0.0:10001/vuln/ghsa-f5v4-2wr6-hqmg ghsa-f5v4-2wr6-hqmg 2026-04-24T15:39:37+00:00 russh has pre-auth DoS via unbounded allocation in its keyboard-interactive auth handler

russh has pre-auth DoS via unbounded allocation in its keyboard-interactive auth handler

2026-04-24T15:39:37+00:00 https://0.0.0.0:10001/vuln/ghsa-mrxx-39g5-ph77 ghsa-mrxx-39g5-ph77 2026-04-24T15:41:21+00:00 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field

2026-04-24T15:41:21+00:00 https://0.0.0.0:10001/vuln/ghsa-x92x-px7w-4gx4 ghsa-x92x-px7w-4gx4 2026-04-24T15:41:42+00:00 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

2026-04-24T15:41:42+00:00 https://0.0.0.0:10001/vuln/ghsa-xff3-5c9p-2mr4 ghsa-xff3-5c9p-2mr4 2026-04-24T15:43:25+00:00 New API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota Fraud

New API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota Fraud

2026-04-24T15:43:25+00:00 https://0.0.0.0:10001/vuln/ghsa-38c5-483c-4qqp ghsa-38c5-483c-4qqp 2026-04-24T15:57:36+00:00 Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior

Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior

2026-04-24T15:57:36+00:00 https://0.0.0.0:10001/vuln/ghsa-v638-38fc-rhfv ghsa-v638-38fc-rhfv 2026-04-24T15:59:17+00:00 AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache

AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache

2026-04-24T15:59:17+00:00 https://0.0.0.0:10001/vuln/ghsa-f5c8-m5vw-rmgq ghsa-f5c8-m5vw-rmgq 2026-04-24T16:00:09+00:00 nova-toggle-5: Improper authorization on toggle endpoint allowed non-Nova users to modify boolean fields

nova-toggle-5: Improper authorization on toggle endpoint allowed non-Nova users to modify boolean fields

2026-04-24T16:00:09+00:00 https://0.0.0.0:10001/vuln/ghsa-xqmj-j6mv-4862 ghsa-xqmj-j6mv-4862 2026-04-24T16:02:42+00:00 LiteLLM: Server-Side Template Injection in /prompts/test endpoint

LiteLLM: Server-Side Template Injection in /prompts/test endpoint

2026-04-24T16:02:42+00:00 https://0.0.0.0:10001/vuln/ghsa-qc5p-3mg5-9fh8 ghsa-qc5p-3mg5-9fh8 2026-04-24T16:11:28+00:00 Avo: Broken Access Control Through Unauthorized Execution of Arbitrary Action Classes Across Resources

Avo: Broken Access Control Through Unauthorized Execution of Arbitrary Action Classes Across Resources

2026-04-24T16:11:28+00:00