Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,175 advisories

Loading
pip's fallback tar extraction doesn't check symbolic links point to extraction directory Moderate
CVE-2025-8869 was published for pip (pip) Sep 24, 2025
cai0duque bentasker
swils23
Credited to cai0duque, bentasker, and swils23
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files Moderate
CVE-2025-57749 was published for n8n (npm) Aug 20, 2025
Mahmoud0x00
Credited to Mahmoud0x00
HashiCorp go-getter Vulnerable to Symlink Attacks High
CVE-2025-8959 was published for github.com/hashicorp/go-getter (Go) Aug 15, 2025
dellalibera
Credited to dellalibera
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook High
CVE-2025-23267 was published for github.com/NVIDIA/gpu-operator (Go) Jul 17, 2025
ProTip! Advisories are also available from the GraphQL API