GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
3 advisories
SandboxJS: Sandbox integrity escape
Critical
CVE-2026-34208
was published
for
@nyariv/sandboxjs
(npm)
Apr 3, 2026
Parse Server: Account takeover via operator injection in authentication data identifier
Critical
CVE-2026-32248
was published
for
parse-server
(npm)
Mar 12, 2026
Parse Server's OAuth2 adapter shares mutable state across providers via singleton instance
Critical
CVE-2026-32242
was published
for
parse-server
(npm)
Mar 12, 2026
ProTip!
Advisories are also available from the
GraphQL API