-
Notifications
You must be signed in to change notification settings - Fork 517
Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-9wx4-h78v-vm56] Requests
Session object does not verify requests after making first request with verify=False
#6650
opened Jan 14, 2026 by
liiiiiiaduarte34-art
Loading…
[GHSA-fjxv-7rqg-78g4] form-data uses unsafe random function in form-data for choosing boundary
#6647
opened Jan 14, 2026 by
asrar-mared
Loading…
[GHSA-mwr6-3gp8-9jmj] orval MCP client is vulnerable to a code injection attack.
#6646
opened Jan 13, 2026 by
asrar-mared
Loading…
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638
opened Jan 12, 2026 by
gdsmith
Loading…
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636
opened Jan 10, 2026 by
mistressxalexis
Loading…
[GHSA-5j59-xgg2-r9c4] Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up
#6635
opened Jan 10, 2026 by
xpertforextradeinc
Loading…
[GHSA-54mj-vcvj-q3v5] Umbraco CMS has an arbitrary file upload vulnerability
#6633
opened Jan 9, 2026 by
legacy-git
Loading…
[GHSA-6wvf-f2vw-3425] github.com/containers/image allows unexpected authenticated registry accesses
#6621
opened Jan 7, 2026 by
asrar-mared
Loading…
[GHSA-v364-rw7m-3263] n8n Vulnerable to RCE via Arbitrary File Write
#6619
opened Jan 6, 2026 by
asrar-mared
Loading…
[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball
#6581
opened Dec 27, 2025 by
kristentr
Loading…
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573
opened Dec 22, 2025 by
G-Rath
Loading…
[GHSA-f6mr-38g8-39rg] Ollama Platform has missing authentication enabling attackers to perform model management operations
Stale
#6571
opened Dec 22, 2025 by
Ankush-Pathak
Loading…
ProTip!
Follow long discussions with comments:>50.