GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28 advisories
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client
High
CVE-2025-66035
was published
for
@angular/common
(npm)
Nov 26, 2025
Withdrawn Advisory: Incorrect Authorization in cross-fetch
Moderate
CVE-2022-1365
was published
for
cross-fetch
(npm)
Apr 17, 2022
•
withdrawn
Weblate exposes personal IP address via e-mail
Low
CVE-2025-49134
was published
for
weblate
(pip)
Jun 16, 2025
DynamicPageList3 vulnerability exposes hidden/suppressed usernames
High
CVE-2025-53625
was published
for
universal-omega/dynamic-page-list3
(Composer)
Jul 10, 2025
Updatecli exposes Maven credentials in console output
High
CVE-2025-24355
was published
for
github.com/updatecli/updatecli
(Go)
Jan 24, 2025
XWiki Platform document history including authors of any page exposed to unauthorized actors
Moderate
CVE-2024-45591
was published
for
org.xwiki.platform:xwiki-platform-rest-server
(Maven)
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API