Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

17 advisories

Loading
Apache Zeppelin: Missing Origin Validation in WebSockets vulnerability Moderate
CVE-2024-51775 was published for org.apache.zeppelin:zeppelin-shell (Maven) Aug 3, 2025
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking... Moderate Unreviewed
CVE-2025-36116 was published Jul 23, 2025
Claude Code Improper Authorization via websocket connections from arbitrary origins High
CVE-2025-52882 was published for @anthropic-ai/claude-code (npm) Jun 23, 2025
Information exposure in Next.js dev server due to lack of origin verification Low
CVE-2025-48068 was published for next (npm) May 28, 2025
sapphi-red R4356th
Websites were able to send any requests to the development server and read the response in vite Moderate
CVE-2025-24010 was published for vite (npm) Jan 21, 2025
ivantsepp
Unintentional leakage of private information via cross-origin websocket session hijacking Moderate
CVE-2023-2850 was published for nodebb (npm) Jul 25, 2023
mowzk barisusakli
code-server vulnerable to Missing Origin Validation in WebSockets Critical
CVE-2023-26114 was published for code-server (npm) Mar 23, 2023
ProTip! Advisories are also available from the GraphQL API