GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
388 advisories
React Router allows pre-render data spoofing on React-Router framework mode
High
CVE-2025-43865
was published
for
react-router
(npm)
Apr 24, 2025
Zip Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1944
was published
for
picklescan
(pip)
Mar 10, 2025
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1945
was published
for
picklescan
(pip)
Mar 10, 2025
Hickory DNS's DNSSEC validation may accept broken authentication chains
Moderate
CVE-2025-25188
was published
for
hickory-proto
(Rust)
Feb 10, 2025
CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts
High
GHSA-r3r4-g7hq-pq4f
was published
for
github.com/cometbft/cometbft
(Go)
Feb 3, 2025
Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack
Moderate
GHSA-4v5x-9m47-cqr2
was published
for
org.wildfly:wildfly-elytron-oidc-client-subsystem
(Maven)
Dec 9, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API