CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.