GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection
High
CVE-2025-64101
was published
for
github.com/zitadel/zitadel/v2
(Go)
Oct 29, 2025
ZITADEL Account Takeover via Malicious Host Header Injection
High
CVE-2023-49097
was published
for
github.com/zitadel/zitadel
(Go)
Nov 29, 2023
ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting
Moderate
CVE-2023-44399
was published
for
github.com/zitadel/zitadel
(Go)
Oct 10, 2023
ProTip!
Advisories are also available from the
GraphQL API