GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
2 advisories
Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation
High
CVE-2026-45013
was published
for
apostrophe
(npm)
May 14, 2026
@apostrophecms/cli: Command Injection in apos create via Unsanitized Password Input
Moderate
CVE-2026-42853
was published
for
@apostrophecms/cli
(npm)
May 14, 2026
ProTip!
Advisories are also available from the
GraphQL API