GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
5 advisories
Vite allows server.fs.deny to be bypassed with .svg or relative paths
Moderate
CVE-2025-31486
was published
for
vite
(npm)
Apr 4, 2025
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
Critical
CVE-2025-47277
was published
for
vllm
(pip)
May 20, 2025
OpenClaw: TOCTOU read in exec script preflight
Low
CVE-2026-43529
was published
for
openclaw
(npm)
Apr 16, 2026
Open WebUI has an IDOR vulnerability in the update_message_by_id API endpoint
Moderate
CVE-2026-45385
was published
for
open-webui
(pip)
May 14, 2026
Open WebUI has an IDOR vulnerability in the pin_channel_message API endpoint
Moderate
CVE-2026-45386
was published
for
open-webui
(pip)
May 14, 2026
ProTip!
Advisories are also available from the
GraphQL API