GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action
Moderate
GHSA-jq2f-59pj-p3m3
was published
for
craftcms/cms
(Composer)
Apr 14, 2026
baserCMS Path Traversal Leads to Arbitrary File Write and RCE via Theme File API
High
CVE-2026-30940
was published
for
baserproject/basercms
(Composer)
Mar 31, 2026
baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)
Critical
CVE-2026-21861
was published
for
baserproject/basercms
(Composer)
Mar 31, 2026
ProTip!
Advisories are also available from the
GraphQL API