github
diff --git a/‎advisories/github-reviewed/2026/04/GHSA-26pp-8wgv-hjvm/GHSA-26pp-8wgv-hjvm.json‎
Lines changed: 63 additions & 0 deletions b/‎advisories/github-reviewed/2026/04/GHSA-26pp-8wgv-hjvm/GHSA-26pp-8wgv-hjvm.json‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎…-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json‎ ‎…-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json‎advisories/unreviewed/2026/04/GHSA-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json renamed to advisories/github-reviewed/2026/04/GHSA-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json
Lines changed: 34 additions & 5 deletions b/‎…-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json‎ ‎…-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json‎advisories/unreviewed/2026/04/GHSA-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json renamed to advisories/github-reviewed/2026/04/GHSA-46r5-x6jq-v8g6/GHSA-46r5-x6jq-v8g6.json
Lines changed: 34 additions & 5 deletions
diff --git a/‎…-69w3-r845-3855/GHSA-69w3-r845-3855.json‎ ‎…-69w3-r845-3855/GHSA-69w3-r845-3855.json‎advisories/unreviewed/2026/04/GHSA-69w3-r845-3855/GHSA-69w3-r845-3855.json renamed to advisories/github-reviewed/2026/04/GHSA-69w3-r845-3855/GHSA-69w3-r845-3855.json
Lines changed: 33 additions & 4 deletions b/‎…-69w3-r845-3855/GHSA-69w3-r845-3855.json‎ ‎…-69w3-r845-3855/GHSA-69w3-r845-3855.json‎advisories/unreviewed/2026/04/GHSA-69w3-r845-3855/GHSA-69w3-r845-3855.json renamed to advisories/github-reviewed/2026/04/GHSA-69w3-r845-3855/GHSA-69w3-r845-3855.json
Lines changed: 33 additions & 4 deletions
diff --git a/‎advisories/github-reviewed/2026/04/GHSA-8ffj-4hx4-9pgf/GHSA-8ffj-4hx4-9pgf.json‎
Lines changed: 64 additions & 0 deletions b/‎advisories/github-reviewed/2026/04/GHSA-8ffj-4hx4-9pgf/GHSA-8ffj-4hx4-9pgf.json‎
Lines changed: 64 additions & 0 deletions
diff --git a/‎advisories/github-reviewed/2026/04/GHSA-92pp-h63x-v22m/GHSA-92pp-h63x-v22m.json‎
Lines changed: 65 additions & 0 deletions b/‎advisories/github-reviewed/2026/04/GHSA-92pp-h63x-v22m/GHSA-92pp-h63x-v22m.json‎
Lines changed: 65 additions & 0 deletions
@@ -0,0 +1,63 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-26pp-8wgv-hjvm",
+  "modified": "2026-04-08T00:17:02Z",
+  "published": "2026-04-08T00:17:02Z",
+  "aliases": [],
+  "summary": "Hono missing validation of cookie name on write path in setCookie()",
+  "details": "## Summary\n\nCookie names are not validated on the write path when using `setCookie()`, `serialize()`, or `serializeSigned()` to generate Set-Cookie headers.\n\nWhile certain cookie attributes such as domain and path are validated, the cookie name itself may contain invalid characters.\n\nThis results in inconsistent handling of cookie names between parsing (read path) and serialization (write path).\n\n## Details\n\nWhen applications use `setCookie()`, `serialize()`, or `serializeSigned()` with a user-controlled cookie name, invalid values (e.g., containing control characters such as `\\r` or `\\n`) can be used to construct malformed `Set-Cookie` header values.\n\nFor example:\n\n```\nSet-Cookie: legit\nX-Injected: evil=value\n```\n\nHowever, in modern runtimes such as Node.js and Cloudflare Workers, such invalid header values are rejected and result in a runtime error before the response is sent.\n\nAs a result, the reported header injection / response splitting behavior could not be reproduced in these environments.\n\n## Impact\n\nApplications that pass untrusted input as the cookie name to `setCookie()`, `serialize()`, or `serializeSigned()` may encounter runtime errors due to invalid header values.\n\nIn tested environments, malformed `Set-Cookie` headers are rejected before being sent, and the reported header injection behavior could not be reproduced.\n\nThis issue primarily affects correctness and robustness rather than introducing a confirmed exploitable vulnerability.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "hono"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "4.12.12"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/hono/security/advisories/GHSA-26pp-8wgv-hjvm"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/hono/commit/a586cd72e3f6122792e631ecf1817e5cabb803ec"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/honojs/hono"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/hono/releases/tag/v4.12.12"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-113"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:17:02Z",
+    "nvd_published_at": null
+  }
+}
@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-46r5-x6jq-v8g6",
-  "modified": "2026-04-07T15:30:50Z",
+  "modified": "2026-04-08T00:18:40Z",
   "published": "2026-04-07T15:30:50Z",
   "aliases": [
     "CVE-2026-33866"
   ],
+  "summary": "MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint",
   "details": "MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access.\n\n \nThis issue affects MLflow version through 3.10.1",
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "mlflow"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "3.10.1"
+            }
+          ]
+        }
+      ]
     }
   ],
-  "affected": [],
   "references": [
     {
       "type": "ADVISORY",
@@ -23,18 +44,26 @@
       "type": "WEB",
       "url": "https://github.com/mlflow/mlflow/pull/21708"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/mlflow/mlflow/commit/005b959cacda05d1423356cfcbd9ebeda8ff96a7"
+    },
     {
       "type": "WEB",
       "url": "https://cert.pl/en/posts/2026/04/CVE-2026-33865"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/mlflow/mlflow"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-862"
     ],
     "severity": "MODERATE",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:18:40Z",
     "nvd_published_at": "2026-04-07T13:16:47Z"
   }
 }
@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-69w3-r845-3855",
-  "modified": "2026-04-07T06:30:28Z",
+  "modified": "2026-04-08T00:17:56Z",
   "published": "2026-04-07T06:30:28Z",
   "aliases": [
     "CVE-2026-1839"
   ],
+  "summary": "HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class",
   "details": "A vulnerability in the HuggingFace Transformers library, specifically in the `Trainer` class, allows for arbitrary code execution. The `_load_rng_state()` method in `src/transformers/trainer.py` at line 3059 calls `torch.load()` without the `weights_only=True` parameter. This issue affects all versions of the library supporting `torch>=2.2` when used with PyTorch versions below 2.6, as the `safe_globals()` context manager provides no protection in these versions. An attacker can exploit this vulnerability by supplying a malicious checkpoint file, such as `rng_state.pth`, which can execute arbitrary code when loaded. The issue is resolved in version v5.0.0rc3.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "transformers"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "5.0.0rc3"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -23,6 +44,14 @@
       "type": "WEB",
       "url": "https://github.com/huggingface/transformers/commit/03c8082ba4594c9b8d6fe190ca9bed0e5f8ca396"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/huggingface/transformers"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/huggingface/transformers/releases/tag/v5.0.0rc3"
+    },
     {
       "type": "WEB",
       "url": "https://huntr.com/bounties/3c77bb97-e493-493d-9a88-c57f5c536485"
@@ -33,8 +62,8 @@
       "CWE-502"
     ],
     "severity": "MODERATE",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:17:56Z",
     "nvd_published_at": "2026-04-07T06:16:41Z"
   }
 }
@@ -0,0 +1,64 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8ffj-4hx4-9pgf",
+  "modified": "2026-04-08T00:17:50Z",
+  "published": "2026-04-08T00:17:50Z",
+  "aliases": [
+    "CVE-2026-39413"
+  ],
+  "summary": "lightrag-hku: JWT Algorithm Confusion Vulnerability ",
+  "details": "## Summary\nThe LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the `jwt.decode()` call does not explicitly deny the 'none' algorithm, a crafted token without a signature will be accepted as valid, leading to unauthorized access.\n\n## Details\nIn `lightrag/api/auth.py` at line 128, the `validate_token` method calls:\n\n```python\npayload = jwt.decode(token, self.secret, algorithms=[self.algorithm])\n```\n\nThis allows any algorithm listed in the token's header to be processed, including 'none'. The code does not explicitly specify that 'none' is not allowed, making it possible for an attacker to bypass authentication.\n\n## PoC\nAn attacker can generate a JWT with the following structure:\n\n```json\n{\n  \"header\": {\n    \"alg\": \"none\",\n    \"typ\": \"JWT\"\n  },\n  \"payload\": {\n    \"sub\": \"admin\",\n    \"exp\": 1700000000,\n    \"role\": \"admin\"\n  }\n}\n```\n\nThen send a request like:\n\n```bash\ncurl -H \"Authorization: Bearer eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTcwMDAwMDAwMCwicm9sZSI6ImFkbWluIn0.\" http://localhost:8000/api/protected-endpoint\n```\n\n## Impact\nAn attacker can impersonate any user, including administrators, by forging a JWT with 'alg': 'none', gaining full access to protected resources without needing valid credentials.\n\n## Recommended Fix\nExplicitly specify allowed algorithms and exclude 'none'. Modify the `validate_token` method to:\n\n```python\nallowed_algorithms = [self.algorithm] if self.algorithm != 'none' else ['HS256', 'HS384', 'HS512']\npayload = jwt.decode(token, self.secret, algorithms=allowed_algorithms)\n```\n\nOr better yet, hardcode the expected algorithm(s):\n\n```python\npayload = jwt.decode(token, self.secret, algorithms=['HS256'])\n```",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "lightrag-hku"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.4.14"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "<= 1.4.13"
+      }
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/HKUDS/LightRAG/security/advisories/GHSA-8ffj-4hx4-9pgf"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/HKUDS/LightRAG/commit/728f2e54509d93e0a44f929c7f83f2c88d6d291b"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/HKUDS/LightRAG"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-347"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:17:50Z",
+    "nvd_published_at": null
+  }
+}
@@ -0,0 +1,65 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-92pp-h63x-v22m",
+  "modified": "2026-04-08T00:16:39Z",
+  "published": "2026-04-08T00:16:39Z",
+  "aliases": [
+    "CVE-2026-39406"
+  ],
+  "summary": "@hono/node-server: Middleware bypass via repeated slashes in serveStatic",
+  "details": "## Summary\n\nA path handling inconsistency in `serveStatic` allows protected static files to be accessed by using repeated slashes (`//`) in the request path.\n\nWhen route-based middleware (e.g., `/admin/*`) is used for authorization, the router may not match paths containing repeated slashes, while `serveStatic` resolves them as normalized paths. This can lead to a middleware bypass.\n\n## Details\n\nThe routing layer and `serveStatic` handle repeated slashes differently.\n\nFor example:\n\n- `/admin/secret.txt` => matches `/admin/*`\n- `//admin/secret.txt` => may not match `/admin/*`\n\nThis inconsistency allows a request such as:\n\n```\nGET //admin/secret.txt\n```\n\nto bypass middleware registered on `/admin/*` and access protected files.\n\n## Impact\n\nAn attacker can access static files that are intended to be protected by route-based middleware by using repeated slashes in the request path.\n\nThis can lead to unauthorized access to sensitive files under the static root.\n\nThis issue affects applications that rely on `serveStatic` together with route-based middleware for access control.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@hono/node-server"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.19.13"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/node-server/security/advisories/GHSA-92pp-h63x-v22m"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/honojs/node-server"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/honojs/node-server/releases/tag/v1.19.13"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-04-08T00:16:39Z",
+    "nvd_published_at": null
+  }
+}