GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
418 advisories
Mautic segment cloning doesn't have a proper permission check
Moderate
CVE-2024-47055
was published
for
mautic/core
(Composer)
May 28, 2025
Reflex vulnerable to private state fields modification
High
CVE-2025-47425
was published
for
reflex
(pip)
May 15, 2025
goshs route not protected, allows command execution
Critical
CVE-2025-46816
was published
for
github.com/patrickhener/goshs
(Go)
May 6, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2025-46331
was published
for
github.com/openfga/openfga
(Go)
Apr 30, 2025
Vite allows server.fs.deny to be bypassed with .svg or relative paths
Moderate
CVE-2025-31486
was published
for
vite
(npm)
Apr 4, 2025
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query
Moderate
CVE-2025-31125
was published
for
vite
(npm)
Mar 31, 2025
Vite bypasses server.fs.deny when using ?raw??
Moderate
CVE-2025-30208
was published
for
vite
(npm)
Mar 25, 2025
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
High
CVE-2025-23389
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
ProTip!
Advisories are also available from the
GraphQL API