GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
2 advisories
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
Moderate
CVE-2026-54094
was published
for
github.com/filebrowser/filebrowser
(Go)
Jun 12, 2026
Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig)
Moderate
GHSA-6jq6-x4cx-qvcm
was published
for
grumpydictator/firefly-iii
(Composer)
Jun 12, 2026
ProTip!
Advisories are also available from the
GraphQL API