GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
22,438 advisories
@misskey-dev/summaly Redirect Filter Bypass
Low
CVE-2025-46553
was published
for
@misskey-dev/summaly
(npm)
May 5, 2025
Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload
Moderate
CVE-2025-46335
was published
for
mobsf
(pip)
May 5, 2025
OPA server Data API HTTP path injection of Rego
High
CVE-2025-46569
was published
for
github.com/open-policy-agent/opa/server
(Go)
May 1, 2025
SQL injection in ADOdb PostgreSQL driver pg_insert_id() method
Critical
CVE-2025-46337
was published
for
adodb/adodb-php
(Composer)
May 1, 2025
Vite's server.fs.deny bypassed with /. for files under project root
Moderate
CVE-2025-46565
was published
for
vite
(npm)
Apr 30, 2025
XWiki missing authorization when accessing the wiki level attachments list and metadata via REST API
Moderate
CVE-2025-46554
was published
for
org.xwiki.platform:xwiki-platform-rest-server
(Maven)
Apr 30, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2025-46331
was published
for
github.com/openfga/openfga
(Go)
Apr 30, 2025
Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin
High
CVE-2025-32777
was published
for
volcano.sh/volcano
(Go)
Apr 30, 2025
Homograph attack allows Unicode lookalike characters to bypass validation.
High
CVE-2025-27611
was published
for
base-x
(npm)
Apr 30, 2025
ProTip!
Advisories are also available from the
GraphQL API