GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
37 advisories
Misskey has a login rate limit bypass via spoofed X-Forwarded-For header
Moderate
CVE-2025-66482
was published
for
misskey-js
(npm)
Dec 15, 2025
NodeJS version of HAX CMS Has Insecure Default Configuration That Leads to Unauthenticated Access
Critical
CVE-2025-54127
was published
for
@haxtheweb/haxcms-nodejs
(npm)
Jul 21, 2025
Filament has exported files stored in default (`public`) filesystem if not reconfigured
Low
CVE-2024-51758
was published
for
filament/actions
(Composer)
Nov 7, 2024
Default swagger-ui configuration exposes all files in the module
Moderate
CVE-2024-22207
was published
for
@fastify/swagger-ui
(npm)
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API