GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Fleet Windows MDM Azure AD JWT Authentication Bypass
High
CVE-2026-24899
was published
for
github.com/fleetdm/fleet/v4
(Go)
May 14, 2026
Strapi: Password Reset Does Not Revoke Existing Refresh Sessions
Low
CVE-2026-22706
was published
for
@strapi/admin
(npm)
May 13, 2026
vLLM affected by RCE via auto_map dynamic module loading during model initialization
High
CVE-2026-22807
was published
for
vllm
(pip)
Jan 21, 2026
React Router SSR XSS in ScrollRestoration
High
CVE-2026-21884
was published
for
@remix-run/react
(npm)
Jan 8, 2026
React Router has Path Traversal in File Session Storage
Critical
CVE-2025-61686
was published
for
@react-router/node
(npm)
Jan 8, 2026
React Router has XSS Vulnerability
High
CVE-2025-59057
was published
for
@remix-run/react
(npm)
Jan 8, 2026
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
Critical
CVE-2025-58434
was published
for
flowise
(npm)
Sep 12, 2025
ProTip!
Advisories are also available from the
GraphQL API