GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
node-tar Symlink Path Traversal via Drive-Relative Linkpath
High
CVE-2026-31802
was published
for
tar
(npm)
Mar 10, 2026
tar has Hardlink Path Traversal via Drive-Relative Linkpath
High
CVE-2026-29786
was published
for
tar
(npm)
Mar 5, 2026
@isaacs/brace-expansion has Uncontrolled Resource Consumption
High
CVE-2026-25547
was published
for
@isaacs/brace-expansion
(npm)
Feb 3, 2026
node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization
High
CVE-2026-23745
was published
for
tar
(npm)
Jan 16, 2026
ProTip!
Advisories are also available from the
GraphQL API