Skip to content

Pull requests: github/advisory-database

New pull request New
15 Open 6,015 Closed
15 Open 6,015 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-hxvr-gg2w-j48x] BackendAI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
#6671 opened Jan 19, 2026 by Yaminyam Loading…
1
[GHSA-ww28-4m4v-cq4j] BackendAI Missing Authentication for Critical Function
#6670 opened Jan 19, 2026 by Yaminyam Loading…
1
[GHSA-h889-475r-wfmm] Backend.AI Missing Authorization vulnerability
#6669 opened Jan 19, 2026 by Yaminyam Loading…
5
[GHSA-6c5p-j8vq-pqhj] python-jose algorithm confusion with OpenSSH ECDSA keys
#6668 opened Jan 19, 2026 by MachineNativeOps Loading…
2
[GHSA-fjxv-7rqg-78g4] form-data uses unsafe random function in form-data for choosing boundary
#6667 opened Jan 18, 2026 by CosmicJesterX Loading…
3
[GHSA-v778-237x-gjrc] Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto
#6666 opened Jan 17, 2026 by taufanharyudiansah6-byte Loading…
[GHSA-577h-p2hh-v4mv] Langflow CORS Account Takeover and RCE
#6665 opened Jan 17, 2026 by augustocesarperin Loading…
[GHSA-7x99-8x99-xc54] Code Injection in Salesforce Uni2TS
#6664 opened Jan 17, 2026 by augustocesarperin Loading…
[GHSA-q748-mcwg-xmqv] OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions
#6663 opened Jan 17, 2026 by priteau Loading…
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638 opened Jan 12, 2026 by gdsmith Loading…
1
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636 opened Jan 10, 2026 by mistressxalexis Loading…
1
[GHSA-54mj-vcvj-q3v5] Umbraco CMS has an arbitrary file upload vulnerability
#6633 opened Jan 9, 2026 by legacy-git Loading…
5
[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball
#6581 opened Dec 27, 2025 by kristentr Loading…
3
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573 opened Dec 22, 2025 by G-Rath Loading…
5
[GHSA-f6mr-38g8-39rg] Ollama Platform has missing authentication enabling attackers to perform model management operations Stale
#6571 opened Dec 22, 2025 by Ankush-Pathak Loading…
5
ProTip! no:milestone will show everything without a milestone.