GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10,554 advisories
Craft CMS has a theoretical bypass for CVE-2025-23209
Moderate
CVE-2025-54417
was published
for
craftcms/cms
(Composer)
Aug 8, 2025
uv allows ZIP payload obfuscation through parsing differentials
Moderate
CVE-2025-54368
was published
for
uv
(pip)
Aug 7, 2025
Astros's duplicate trailing slash feature leads to an open redirection security issue
Moderate
CVE-2025-54793
was published
for
astro
(npm)
Aug 7, 2025
The Thinbus Javascript Secure Remote Password (SRP) Client Generates Fewer Bits of Entropy Than Intended
Moderate
CVE-2025-54885
was published
for
thinbus-srp
(npm)
Aug 6, 2025
FPDI allows Memory Exhaustion (OOM) in PDF Parser which leads to Denial of Service
Moderate
CVE-2025-54869
was published
for
setasign/fpdi
(Composer)
Aug 5, 2025
ProTip!
Advisories are also available from the
GraphQL API