joshdonnell/radar
A lightweight dependency health dashboard for Laravel applications
时间:2026-05-06 22:28
infinri/ase
Automated Security Evaluator -- CVE monitoring for Magento / Adobe Commerce / Mage-OS stores. Polls KEV/NVD/GHSA/OSV/Packagist, prioritizes with CVSS+EPSS+KEV, alerts via Slack.
时间:2026-04-19 22:28
qoliber/magento-open-source-security
Magento 2 security modules for Qoliber open source patches and fixes.
时间:2026-04-03 13:44
richardstyles/wire-shield
Monitors Livewire update requests for deserialization attack patterns (CVE-2025-54068 and related gadget chains).
时间:2026-02-10 22:37
samjuk/m2-meta-security-patches
Meta package to apply all the new isolated security and emergency patches for Magento 2
时间:2026-02-01 21:48
ysaxon/pyrocms-ssti-fix
Security fix for PyroCMS SSTI vulnerability (CVE-2023-29689). Applies Twig sandbox to user-editable templates.
时间:2026-01-09 20:30
henrique-borba/php-sieve-manager
A modern (started in 2022) PHP library for the ManageSieve protocol (RFC5804) to create/edit Sieve scripts (RFC5228). Used by Cypht Webmail.
时间:2026-01-04 19:06
deployecommerce/module-prevent-customer-address-file-upload
A Magento2 extension that prevents file uploads to the /customer/address_file/upload endpoint.
时间:2026-01-04 06:35
pacificsec/cpe
CPE: Common Platform Enumeration for PHP
时间:2026-01-04 06:08
commercetools/php-sdk
This Composable Commerce PHP SDK is deprecated effective 1st September 2022. We recommend you to use our new SDK here https://docs.commercetools.com/sdk/php-sdk#php-sdk-v2.
时间:2026-01-04 04:35
wubinworks/module-xml-security
A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced security.
时间:2024-12-23 13:34
wubinworks/module-jwt-auth-patch
Fix the JWT authentication vulnerability on certain Magento 2 versions. Deny tokens issued by old encryption key. If you cannot upgrade Magento or cannot apply the official patch, try this one.
时间:2024-12-10 05:54
wubinworks/module-encryption-key-manager-cli
A utility for Magento 2 encryption key rotation and management. CVE-2024-34102(aka Cosmic Sting) victims can use it as an aftercare.
时间:2024-12-04 16:08
wubinworks/module-template-filter-patch
Magento 2 patch for CVE-2022-24086, CVE-2022-24087. Fix the RCE vulnerability and related bugs by performing deep template variable escaping. If you cannot upgrade Magento or cannot apply the official patches, try this one.
时间:2024-11-25 10:14
sixbysix/magento2-trojanorder
Prevents bots creating fake orders while attempting to exploit CVE-2022-24086
时间:2024-09-04 06:23