GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
@nyariv/sandboxjs has a Sandbox Escape vulnerability
Critical
CVE-2026-25587
was published
for
@nyariv/sandboxjs
(npm)
Feb 5, 2026
@nyariv/sandboxjs has a Sandbox Escape issue
Critical
CVE-2026-25520
was published
for
@nyariv/sandboxjs
(npm)
Feb 5, 2026
SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCE
Critical
CVE-2026-25142
was published
for
@nyariv/sandboxjs
(npm)
Feb 2, 2026
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate
CVE-2024-47003
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Sep 26, 2024
Mattermost Plugin Channel Export excessive resource consumption
Moderate
CVE-2024-43105
was published
for
github.com/mattermost/mattermost-plugin-channel-export
(Go)
Aug 23, 2024
document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection
High
CVE-2024-37301
was published
for
document-merge-service
(pip)
Jun 11, 2024
Mattermost vulnerable to denial of service via large number of emoji reactions
Moderate
CVE-2024-1402
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 9, 2024
ProTip!
Advisories are also available from the
GraphQL API