Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,151
Maven
5,000+
npm
5,000+
NuGet
859
pip
4,451
Pub
12
RubyGems
991
Rust
1,179
Swift
50
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
SvelteKit vulnerable to Cross-Site Request Forgery High
CVE-2023-29003 was published for @sveltejs/kit (npm) Apr 4, 2023
v1ktor0t Credited to v1ktor0t, benmccann, Conduitry, teemingc, and dominikg benmccann benmccann
Conduitry Conduitry teemingc teemingc dominikg dominikg
@sveltejs/kit has unescaped error message included on error page Low
CVE-2024-53262 was published for @sveltejs/kit (npm) Nov 25, 2024
dominikg Credited to dominikg, teemingc, and benmccann teemingc teemingc
benmccann benmccann
@sveltejs/kit vulnerable to XSS on dev mode 404 page Low
CVE-2024-53261 was published for @sveltejs/kit (npm) Nov 25, 2024
benmccann Credited to benmccann, teemingc, and RDIL teemingc teemingc
RDIL RDIL
SvelteKit is vulnerable to denial of service and possible SSRF when using prerendering High
CVE-2025-67647 was published for @sveltejs/adapter-node (npm) Jan 15, 2026
cold-try Credited to cold-try, teemingc, benmccann, and d-xuan teemingc teemingc
benmccann benmccann d-xuan d-xuan
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database