GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
25,014 advisories
Next Vulnerable to Denial of Service with Server Components High
GHSA-mwv6-3258-q52c was published for next (npm) Dec 11, 2025
Denial of Service Vulnerability in React Server Components High
CVE-2025-55184 was published for react-server-dom-parcel (npm) Dec 11, 2025
pgadmin4 has a Meta-Command Filter Command Execution Critical
CVE-2025-13780 was published for pgadmin4 (pip) Dec 11, 2025
Servify-express rate limit issue High
CVE-2025-67731 was published for servify-express (npm) Dec 11, 2025
AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE Low
CVE-2025-67737 was published for azuracast/azuracast (Composer) Dec 11, 2025
gardenctl is vulnerable to Command Injection when used with non‑POSIX shells High
CVE-2025-67508 was published for github.com/gardener/gardenctl-v2 (Go) Dec 11, 2025
quic-go HTTP/3 QPACK Header Expansion DoS Moderate
CVE-2025-64702 was published for github.com/quic-go/quic-go (Go) Dec 11, 2025
Improper Validation of Query Parameters in Auth0 Next.js SDK Low
CVE-2025-67716 was published for @auth0/nextjs-auth0 (npm) Dec 10, 2025
Improper Request Caching Lookup in the Auth0 Next.js SDK Moderate
CVE-2025-67490 was published for @auth0/nextjs-auth0 (npm) Dec 10, 2025
Improper Memory Cleanup in the Okta Java SDK Moderate
CVE-2025-66033 was published for com.okta.sdk:okta-sdk-root (Maven) Dec 10, 2025
Pyrofork has a Path Traversal in download_media Method Moderate
CVE-2025-67720 was published for pyrofork (pip) Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API