Pull requests: github/advisory-database
fix: correct GHSA-887w-45rq-vxgf sqlalchemy fixed version 1.2.18 -> 1.3.0b1
#7486
opened Apr 22, 2026 by
DEVSOG12
fix: correct GHSA-pfr9-2p92-qrhq dbn fixed version 0.22.0 -> 0.22.1
#7483
opened Apr 21, 2026 by
DEVSOG12
fix: correct GHSA-4j5j-58j7-6c3w dulwich fixed version 0.9.9 -> 0.10.0
#7482
opened Apr 21, 2026 by
DEVSOG12
[GHSA-hcp2-x6j4-29j7] RustCrypto: Signatures has timing side-channel in ML-DSA decomposition
#7479
opened Apr 21, 2026 by
tarcieri
[GHSA-wjxp-xrpv-xpff] Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL
#7478
opened Apr 21, 2026 by
stenzopolis1986-art
[GHSA-9hxg-w7qf-hh93] Use Go pseudo-version for fixed version
#7477
opened Apr 21, 2026 by
cookesan
[GHSA-6qvv-pj99-48qm] @adonisjs/http-server has an Open Redirect vulnerability
#7471
opened Apr 21, 2026 by
TheAdamGalloway
[GHSA-p93r-85wp-75v3] Covert timing channel vulnerability in Legion of the...
#7470
opened Apr 21, 2026 by
marcelstoer
[GHSA-4hmj-39m8-jwc7] OpenClaw has ACP CLI approval prompt ANSI escape sequence injection
#7468
opened Apr 20, 2026 by
anlakii
[GHSA-mwv9-gp5h-frr4] Sveltejs devalue's devalue.parse and devalue.unflatten emit objects with __proto__ own properties
#7464
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-hx9m-jf43-8ffr] seroval affected by Denial of Service via RegExp serialization
#7463
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-8j4w-5fw4-rm27] Prototype Pollution in deeply
#7456
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-28g4-38q8-3cwc] Flowise: Cypher Injection in GraphCypherQAChain
#7449
opened Apr 20, 2026 by
nikpivkin
[GHSA-rg7c-g689-fr3x] Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability
#7447
opened Apr 20, 2026 by
philrollet
[GHSA-gcq8-j4vp-vgvp] Uncaught exception in OpenBMC Firmware for some Intel(R)...
#7446
opened Apr 20, 2026 by
wongchaiyathamchaiphetwongchai-hue
[GHSA-rmmh-p597-ppvv] An issue in the anchors subparser of Showdownjs versions ...
#7444
opened Apr 20, 2026 by
LukasChristel
[GHSA-9cp7-j3f8-p5jx] Daptin has Unauthenticated Path Traversal and Zip Slip
#7443
opened Apr 20, 2026 by
cerquedai628-blip
Add 3 critical security advisories for hexstrike-ai (0x4m4/hexstrike-ai)
#7442
opened Apr 20, 2026 by
sermikr0
[GHSA-85q9-7467-r53q] XSS Vulnerability in Markdown Editor
#7440
opened Apr 19, 2026 by
brawlingthebits
[GHSA-4w7w-66w2-5vf9] Vite Vulnerable to Path Traversal in Optimized Deps .map Handling
#7439
opened Apr 19, 2026 by
efikcoineternal
[GHSA-23f4-hfmq-94mj] Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec
#7438
opened Apr 19, 2026 by
carlosame
[GHSA-jpcq-cgw6-v4j6] Potential XSS vulnerability in jQuery
#7435
opened Apr 19, 2026 by
sealonohana
[GHSA-wh4c-j3r5-mjhp] xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion
#7431
opened Apr 18, 2026 by
karfau
[GHSA-355h-qmc2-wpwf] Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
#7421
opened Apr 17, 2026 by
jhy