GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,987 advisories
Rack session gets restored after deletion
Moderate
CVE-2025-46336
was published
for
rack-session
(RubyGems)
May 8, 2025
Rack session gets restored after deletion
Moderate
CVE-2025-32441
was published
for
rack
(RubyGems)
May 8, 2025
JRuby-OpenSSL has hostname verification disabled by default
Moderate
CVE-2025-46551
was published
for
org.jruby:jruby
(Maven)
May 7, 2025
@misskey-dev/summaly allows IP Filter Bypass via Redirect
Moderate
GHSA-jqx4-9gpq-rppm
was published
for
@misskey-dev/summaly
(npm)
May 6, 2025
Umbraco Makes User Enumeration Feasible Based on Timing of Login Response
Moderate
CVE-2025-46736
was published
for
Umbraco.Cms
(NuGet)
May 6, 2025
league/commonmark contains a XSS vulnerability in Attributes extension
Moderate
CVE-2025-46734
was published
for
league/commonmark
(Composer)
May 5, 2025
Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
Moderate
CVE-2025-46730
was published
for
mobsf
(pip)
May 5, 2025
Linkerd resource exhaustion vulnerability
Moderate
CVE-2025-43915
was published
for
github.com/linkerd/linkerd2
(Go)
May 5, 2025
Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload
Moderate
CVE-2025-46335
was published
for
mobsf
(pip)
May 5, 2025
ProTip!
Advisories are also available from the
GraphQL API