GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,208
NuGet
743
pip
3,983
Pub
12
RubyGems
950
Rust
1,034
Swift
45
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
fast-redact vulnerable to prototype pollution
Low
CVE-2025-57319
was published
for
fast-redact
(npm)
Sep 24, 2025
spmrc vulnerable to prototype pollution
Low
CVE-2025-57327
was published
for
spmrc
(npm)
Sep 24, 2025
web3-core-method is vulnerable to prototype pollution
Low
CVE-2025-57329
was published
for
web3-core-method
(npm)
Sep 24, 2025
toggle-array vulnerable to prototype pollution
Low
CVE-2025-57328
was published
for
toggle-array
(npm)
Sep 24, 2025
web3-core-subscriptions has a Prototype Pollution vulnerability
Low
CVE-2025-57330
was published
for
web3-core-subscriptions
(npm)
Sep 24, 2025
magix-combine-ex vulnerable to prototype pollution
Low
CVE-2025-57321
was published
for
magix-combine-ex
(npm)
Sep 24, 2025
node-cube vulnerable to prototype pollution
Low
CVE-2025-57348
was published
for
node-cube
(npm)
Sep 24, 2025
messageformat has a prototype pollution vulnerability
Low
CVE-2025-57349
was published
for
messageformat
(npm)
Sep 24, 2025
sassdoc-extras vulnerable to prototype pollution
Low
CVE-2025-57326
was published
for
sassdoc-extras
(npm)
Sep 24, 2025
rollbar vulnerable to prototype pollution
Low
CVE-2025-57325
was published
for
rollbar
(npm)
Sep 24, 2025
min-document vulnerable to prototype pollution
Low
CVE-2025-57352
was published
for
min-document
(npm)
Sep 24, 2025
Prototype pollution in jsii.configureCategories
Low
GHSA-m56h-5xx3-2jc2
was published
for
jsii
(npm)
Dec 18, 2024
Prototype pollution in emit function
Low
GHSA-82jv-9wjw-pqh6
was published
for
derby
(npm)
Apr 17, 2024
Possible prototype pollution in metadata record, when using meta decorator
Low
CVE-2023-30857
was published
for
@aedart/support
(npm)
May 1, 2023
Prototype Pollution in node-forge debug API.
Low
GHSA-5rrq-pxf6-6jx5
was published
for
node-forge
(npm)
Jan 8, 2022
Prototype Pollution in @hapi/hoek
Low
GHSA-22h7-7wwg-qmgg
was published
for
@hapi/hoek
(npm)
Sep 4, 2020
Prototype Pollution in merge-objects
Low
GHSA-992f-wf4w-x36v
was published
for
merge-objects
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API