github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 552
Star 2.2k

Code
Issues 68
Pull requests 16
Discussions
Actions
Models
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

16 Open 6,374 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-8gc5-j5rx-235r] fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)

#7220 opened Mar 24, 2026 by yuezk

Loading…

[GHSA-r3hf-q3mf-7h6w] A vulnerability was found in HybridAuth up to 3.12.2....

#7219 opened Mar 23, 2026 by jontyms

Loading…

[GHSA-mgvc-8q2h-5pgc] Spring Boot has an Authentication Bypass under Actuator CloudFoundry endpoints

#7218 opened Mar 23, 2026 by yeikel

Loading…

[GHSA-5c4f-pxmx-xcm4] Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions

#7213 opened Mar 22, 2026 by decsecre583

Loading…

[GHSA-48g7-3x6r-xfhp] Arbitrary Code Execution via Crafted Keras Config for Model Loading

#7212 opened Mar 22, 2026 by decsecre583

Loading…

[GHSA-x44p-gvrj-pj2r] Amazon S3 Encryption Client for Java has a Key Commitment Issue

#7210 opened Mar 22, 2026 by decsecre583

Loading…

[GHSA-mwcc-7vpp-xmv9] MongoDB driver extension affected by mongoc_bulk_operation_t's read of invalid memory

#7209 opened Mar 22, 2026 by decsecre583

Loading…

[GHSA-p436-gjf2-799p] Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows

#7207 opened Mar 21, 2026 by levpachmanov

Loading…

[GHSA-jx49-fphc-w293] Improper Restriction of XML External Entity Reference...

#7197 opened Mar 19, 2026 by Bhanu99517

Loading…

[GHSA-fg6f-75jq-6523] Authlib has 1-click Account Takeover vulnerability

#7191 opened Mar 18, 2026 by levpachmanov

Loading…

[GHSA-q9hv-hpm4-hj6x] CIRCL has an incorrect calculation in secp384r1 CombinedMult

#7173 opened Mar 15, 2026 by yusuke-koyoshi

Loading…

[GHSA-h2f4-v4c4-6wx4] Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server

#7093 opened Mar 2, 2026 by Meet003118

Loading…

[GHSA-mw96-cpmx-2vgc] Rollup 4 has Arbitrary File Write via Path Traversal Stale

#7089 opened Mar 1, 2026 by JaclynCodes

Loading…

[GHSA-7r86-cg39-jmmj] minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments

#7087 opened Feb 28, 2026 by ljharb

Loading…

[GHSA-qq67-mvv5-fw3g] Astro has Full-Read SSRF in error rendering via Host: header injection Keep

#7055 opened Feb 24, 2026 by kytta

Loading…

[GHSA-8398-gmmx-564h] n8n has a Python sandbox escape Stale

#7029 opened Feb 23, 2026 by c0rydoras

Loading…

ProTip! Add no:assignee to see everything that’s not assigned.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!