GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
23,755 advisories
ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header
High
CVE-2025-57808
was published
for
esphome
(pip)
Sep 2, 2025
Local Deep Research's API keys are stored in plain text
Moderate
CVE-2025-57806
was published
for
local-deep-research
(pip)
Sep 2, 2025
Next.js Affected by Cache Key Confusion for Image Optimization API Routes
Moderate
CVE-2025-57752
was published
for
next
(npm)
Aug 29, 2025
Next.js Content Injection Vulnerability for Image Optimization
Moderate
CVE-2025-55173
was published
for
next
(npm)
Aug 29, 2025
Tracing logging user input may result in poisoning logs with ANSI escape sequences
Low
CVE-2025-58160
was published
for
tracing-subscriber
(Rust)
Aug 29, 2025
Eventlet affected by HTTP request smuggling in unparsed trailers
Moderate
CVE-2025-58068
was published
for
eventlet
(pip)
Aug 29, 2025
Harness Allows Arbitrary File Write in Gitness LFS server
High
CVE-2025-58158
was published
for
github.com/harness/gitness
(Go)
Aug 29, 2025
Versity panic induced by AWS chunked data sent to port
High
GHSA-v2ch-c8v8-fgr7
was published
for
github.com/versity/versitygw
(Go)
Aug 29, 2025
Opencast has a partial path traversal vulnerability in UI config
Low
CVE-2025-55202
was published
for
org.opencastproject:opencast-user-interface-configuration
(Maven)
Aug 29, 2025
Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata
Low
CVE-2025-55304
was published
for
Exiv2
(pip)
Aug 29, 2025
Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file
Low
CVE-2025-54080
was published
for
Exiv2
(pip)
Aug 29, 2025
ProTip!
Advisories are also available from the
GraphQL API