Skip to content

Pull requests: github/advisory-database

New pull request New
273 Open 6,831 Closed
273 Open 6,831 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-fv66-9v8q-g76r] React Server Components are Vulnerable to RCE
#8049 opened Jun 16, 2026 by johnnylabare05-bot Loading…
[GHSA-2f9f-gq7v-9h6m] Add fixed version
#8048 opened Jun 16, 2026 by bayandin Loading…
[GHSA-x863-p983-p4f7] In an untrusted JMS environment, org.springframework.jms...
#8047 opened Jun 16, 2026 by julianladisch Loading…
[GHSA-h39j-r5qq-r9mm] All versions of the package decompress are vulnerable to...
#8046 opened Jun 16, 2026 by Alemmi Loading…
5
[GHSA-6c8g-7p36-r338] SharpCompress has directory traversal via directory entries in WriteToDirectory (zip slip variant)
#8045 opened Jun 16, 2026 by lewishazell Loading…
1
[GHSA-q7cg-457f-vx79] joi has an uncaught RangeError on deeply nested input through recursive link() schemas
#8041 opened Jun 14, 2026 by tats-u Loading…
4
[GHSA-36jr-mh4h-2g58] d3-color vulnerable to ReDoS
#8039 opened Jun 14, 2026 by RainSignal Loading…
[GHSA-29cq-5w36-x7w3] Livewire is vulnerable to remote command execution during component property update hydration
#8038 opened Jun 13, 2026 by Jandel2023 Loading…
1
[GHSA-rcv7-3vfh-47x6] Privilege Escalation D-Link DIR-1253 via the Hardcoded Component
#8037 opened Jun 13, 2026 by zxhri Loading…
[GHSA-w4pp-8pjf-rmxw] Versions of the package pacote from 11.2.7 are vulnerable...
#8036 opened Jun 13, 2026 by Capco-srachels Loading…
[GHSA-cfvq-fj53-j2c7] In version v0.3.8 of open-webui/open-webui, there is an...
#8035 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-2823-wfgm-j3hr] open-webui v0.5.16 is vulnerable to SSRF in routers...
#8034 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-hqhc-8hp4-hrwc] An authentication bypass vulnerability exists in Open...
#8033 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-2rf6-9rc8-rqch] A security vulnerability has been detected in open-webui...
#8032 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-vh96-p962-544h] Open WebUI Cleartext Transmission of Credentials...
#8031 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-cggw-334c-f4mj] Open WebUI load_tool_module_by_id Command Injection...
#8030 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-qr7m-hwp7-qjqg] Open WebUI PIP install_frontmatter_requirements Command...
#8029 opened Jun 12, 2026 by Classic298 Loading…
[GHSA-c6pw-q7f2-97hv] Privilege Escalation in cordova-plugin-inappbrowser
#8028 opened Jun 12, 2026 by NiklasMerz Loading…
2
[GHSA-76cg-cfhx-373f] MLFlow unsafe deserialization
#8027 opened Jun 12, 2026 by brawlingthebits Loading…
2
[GHSA-5v72-xg48-5rpm] Denial of Service in ws
#8024 opened Jun 12, 2026 by RainSignal Loading…
[GHSA-9wx7-jrvc-28mm] Signature verification vulnerability in Stark Bank ecdsa libraries
#8021 opened Jun 12, 2026 by RainSignal Loading…
2
[GHSA-f53p-382v-8pj7] The Avada Builder (fusion-builder) plugin for WordPress...
#8019 opened Jun 12, 2026 by vanesabravon Loading…
1
[GHSA-cv3v-7846-6pxm] Unauthorized File Access in node-git-server
#8016 opened Jun 11, 2026 by RainSignal Loading…
[GHSA-mrrw-grhq-86gf] Ascii (crate) allows out-of-bounds array indexing in safe code
#8015 opened Jun 11, 2026 by RainSignal Loading…
[GHSA-9gxv-x7rp-r2hc] gree/jose - "None" Algorithm treated as valid in tokens
#8014 opened Jun 11, 2026 by RainSignal Loading…
ProTip! Filter pull requests by the default branch with base:main.