Pull requests: github/advisory-database
[GHSA-wj5w-qghh-gvqp] Mattermost Server does not neutralize HTML content in an Email template field
#6731
opened Jan 28, 2026 by
asrar-mared
[GHSA-6pfh-p556-v868] pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)
#6729
opened Jan 27, 2026 by
mgol
[GHSA-vj87-jj27-4h9c] wolfSSL Python module vulnerable to Improper Authentication
#6727
opened Jan 27, 2026 by
rhdesmond
[GHSA-r8w2-w357-9pjv] XDocReport affected by a Server-Side Template Injection (SSTI) vulnerability
#6725
opened Jan 27, 2026 by
kevinleturc
[GHSA-rqff-837h-mm52] Authorization bypass in url-parse
#6723
opened Jan 26, 2026 by
ljharb
[GHSA-mq86-p3gw-wcpj] In Grafana, an excessively long dashboard title or panel...
#6721
opened Jan 26, 2026 by
grigoer
[GHSA-gm89-qh2c-m553] An open redirect vulnerability has been identified in...
#6720
opened Jan 26, 2026 by
grigoer
[GHSA-9r7m-2qj2-8f7h] This vulnerability in Grafana's datasource proxy API...
#6719
opened Jan 26, 2026 by
grigoer
[GHSA-q3c7-4hv8-jhvp] An access control vulnerability was discovered in Grafana...
#6718
opened Jan 26, 2026 by
grigoer
[GHSA-p5pg-4vx4-pqj7] Grafana is an open-source platform for monitoring and...
#6717
opened Jan 26, 2026 by
grigoer
[GHSA-fjxv-7rqg-78g4] form-data uses unsafe random function in form-data for choosing boundary
#6711
opened Jan 26, 2026 by
CosmicJesterX
[GHSA-8v38-pw62-9cw2] url-parse Incorrectly parses URLs that include an '@'
#6700
opened Jan 24, 2026 by
ljharb
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638
opened Jan 12, 2026 by
gdsmith
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636
opened Jan 10, 2026 by
mistressxalexis
[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball
Stale
#6581
opened Dec 27, 2025 by
kristentr
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573
opened Dec 22, 2025 by
G-Rath