GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
26 advisories
undici vulnerable to cross-user information disclosure via shared cache whitespace bypass
Moderate
CVE-2026-9678
was published
for
undici
(npm)
Jun 18, 2026
@angular/service-worker: Request Credential & Cache Policy Stripping
Moderate
CVE-2026-50184
was published
for
@angular/service-worker
(npm)
Jun 15, 2026
Angular Service Worker Policy-Bypass & Credential-Stripping Vulnerabilities
Moderate
CVE-2026-50169
was published
for
@angular/service-worker
(npm)
Jun 15, 2026
Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage
Moderate
CVE-2026-44457
was published
for
hono
(npm)
May 9, 2026
Fiber's cache middleware default key generator ignores query string, causing response mix-up across distinct query parameters
Moderate
CVE-2026-30246
was published
for
github.com/gofiber/fiber/v3
(Go)
Apr 28, 2026
Hono cache middleware ignores "Cache-Control: private" leading to Web Cache Deception
Moderate
CVE-2026-24472
was published
for
hono
(npm)
Jan 27, 2026
axios-cache-interceptor Vulnerable to Cache Poisoning via Ignored HTTP Vary Header
Moderate
CVE-2025-69202
was published
for
axios-cache-interceptor
(npm)
Dec 30, 2025
Next.js Affected by Cache Key Confusion for Image Optimization API Routes
Moderate
CVE-2025-57752
was published
for
next
(npm)
Aug 29, 2025
JetBrains Ktor information disclosure
Moderate
CVE-2024-49580
was published
for
io.ktor:ktor-client-core-jvm
(Maven)
Oct 17, 2024
ProTip!
Advisories are also available from the
GraphQL API