GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
39 advisories
Directus allows unauthenticated file upload and file modification due to lacking input sanitization
Critical
CVE-2025-55746
was published
for
@directus/api
(npm)
Aug 20, 2025
InvokeAI has External Control of File Name or Path
Critical
CVE-2025-6237
was published
for
invokeai
(pip)
Sep 18, 2025
jsPDF has Local File Inclusion/Path Traversal vulnerability
Critical
CVE-2025-68428
was published
for
jspdf
(npm)
Jan 5, 2026
MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment
Critical
CVE-2026-27825
was published
for
mcp-atlassian
(pip)
Mar 10, 2026
ProTip!
Advisories are also available from the
GraphQL API