GitHub Vulnerabilities

3 advisories affecting GitHub

3

Total CVEs

2

Critical

1

High

CVE-2026-31852

Mar 11, 2026

Critical (10.0)

Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due...

Read Advisory

CVE-2026-23654

Mar 10, 2026

High (8.8)

Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network....

Read Advisory

CVE-2026-27941

Feb 26, 2026

Critical (9.9)

OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out a...

Read Advisory

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.