GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,003 advisories
Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack
Critical
CVE-2025-62593
was published
for
ray
(pip)
Nov 26, 2025
md-to-pdf vulnerable to arbitrary JavaScript code execution when parsing front matter
Critical
CVE-2025-65108
was published
for
md-to-pdf
(npm)
Nov 20, 2025
pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode
Critical
CVE-2025-12762
was published
for
pgadmin4
(pip)
Nov 13, 2025
Happy DOM: VM Context Escape can lead to Remote Code Execution
Critical
CVE-2025-61927
was published
for
happy-dom
(npm)
Oct 10, 2025
j178/prek-action vulnerable to arbitrary code injection in composite action
Critical
GHSA-pwf7-47c3-mfhx
was published
for
j178/prek-action
(GitHub Actions)
Sep 29, 2025
Gardener provider extensions vulnerable to code injection when Terraform is used for infrastructure provisioning
Critical
CVE-2025-59823
was published
for
github.com/gardener/gardener-extension-provider-aws
(Go)
Sep 25, 2025
Flowise has Remote Code Execution vulnerability
Critical
CVE-2025-59528
was published
for
flowise
(npm)
Sep 15, 2025
ProTip!
Advisories are also available from the
GraphQL API