GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
2 advisories
undici WebSocket client vulnerable to denial of service via cumulative fragment bypass
High
CVE-2026-9675
was published
for
undici
(npm)
Jun 18, 2026
http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass
Moderate
CVE-2026-55602
was published
for
http-proxy-middleware
(npm)
Jun 18, 2026
ProTip!
Advisories are also available from the
GraphQL API