GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
OpenClaw hardened the skill download target directory validation
Moderate
CVE-2026-27008
was published
for
openclaw
(npm)
Feb 18, 2026
OpenClaw has an arbitrary transcript path file write via gateway sessionFile
High
CVE-2026-28459
was published
for
openclaw
(npm)
Feb 17, 2026
LobeHub Vulnerable to Improper Authorization in Presigned Upload
Moderate
CVE-2026-23835
was published
for
@lobehub/chat
(npm)
Feb 1, 2026
jsPDF has Local File Inclusion/Path Traversal vulnerability
Critical
CVE-2025-68428
was published
for
jspdf
(npm)
Jan 5, 2026
@vitejs/plugin-rsc has an Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint
High
CVE-2025-68155
was published
for
@vitejs/plugin-rsc
(npm)
Dec 16, 2025
Better Auth affected by external request basePath modification DoS
Low
GHSA-569q-mpph-wgww
was published
for
better-auth
(npm)
Dec 1, 2025
Directus allows unauthenticated file upload and file modification due to lacking input sanitization
Critical
CVE-2025-55746
was published
for
@directus/api
(npm)
Aug 20, 2025
Mockoon has a Path Traversal and LFI in the static file serving endpoint
High
CVE-2025-59049
was published
for
@mockoon/cli
(npm)
Mar 11, 2025
ProTip!
Advisories are also available from the
GraphQL API