🚨 最新安全公告
- 🟠 GHSA-q2m9-6jp9-c6mc [high] (2026-06-29)
Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query
- ⚪ GHSA-4v2w-2wqp-mc85 [medium] (2026-06-29)
OpenAM OAuth Authorization Bypass via PKCE Challenge
- 🟠 GHSA-f2cx-463q-7m2c [high] (2026-06-29)
OpenAM OAuth Client Impersonation via JWKS Resolver Cache
- 🟠 GHSA-69j4-qvqr-hpw3 [high] (2026-06-29)
OpenAM Authenticated RCE via Groovy Sandbox Escape
- 🟠 GHSA-qrv3-253h-g69c [high] (2026-06-27)
pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
- 🟠 GHSA-72r4-9c5j-mj57 [high] (2026-06-27)
pnpm: patch-remove could delete project-selected files outside the patches directory
- 🟠 GHSA-fr4h-3cph-29xv [high] (2026-06-27)
pnpm: Hoisted install imports lockfile alias outside node_modules
- ⚪ GHSA-ww5p-j6cj-6mqq [medium] (2026-06-26)
Nezha Dashboard: DDNS and Notification credential exposure via unredacted list API
- 🟠 GHSA-v23m-ccfg-pq9h [high] (2026-06-26)
pnpm: stage download writes outside its destination directory via manifest name/version traversal
- ⚪ GHSA-4gxm-v5v7-fqc4 [medium] (2026-06-26)
pnpm: Reserved bin name deletes PNPM_HOME during global remove
🔥 GitHub 热门安全项目
- [XenoX352/security-samp-open.mp](https://github.com/XenoX352/security-samp-open.mp) (1⭐)
granting permission to Indonesian and Malaysian players and not granting permission to players outside the country area
- [didrod205/shadowbuster](https://github.com/didrod205/shadowbuster) (1⭐)
That black redaction bar isn't redaction — it's a sticker. Drop a PDF, Excel, Word, PowerPoint or screenshot and recover what was hidden but never removed — 100% in your browser, nothing uploaded. Zero dependencies.
- [JonatasAns/Security](https://github.com/JonatasAns/Security) (0⭐)
Trabalho de segurança - final
- [adflickinger213/SecurityShield-Extension](https://github.com/adflickinger213/SecurityShield-Extension) (0⭐)
Chrome security extension with phishing detection, HTTPS enforcement, and threat warnings
- [JuanDFrancoC/Spring-Security](https://github.com/JuanDFrancoC/Spring-Security) (0⭐)
Autorizacion y Autenticacion
📡 数据来源: GitHub Security Advisories · 由 PingSec 安全日报自动生成