Skip to content

Pull requests: github/advisory-database

New pull request New
17 Open 6,108 Closed
17 Open 6,108 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-5mqx-rpxv-mvxj] HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration
#6774 opened Feb 4, 2026 by dduzgun-security Loading…
4
[GHSA-rx97-6c62-55mf] Hashicorp Nomad Incorrect Privilege Assignment vulnerability
#6773 opened Feb 4, 2026 by dduzgun-security Loading…
2
[GHSA-c2qf-rxjj-qqgw] semver vulnerable to Regular Expression Denial of Service
#6771 opened Feb 4, 2026 by ljharb Loading…
2
[GHSA-m7xq-9374-9rvx] Mongoose search injection vulnerability
#6769 opened Feb 3, 2026 by ljharb Loading…
1
[GHSA-5f7q-jpqc-wp7h] Next.js has Unbounded Memory Consumption via PPR Resume Endpoint
#6768 opened Feb 3, 2026 by cylewaitforit Loading…
2
[GHSA-xm59-rqc7-hhvf] nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
#6756 opened Feb 2, 2026 by sarvo-madhavan Loading…
1
1
[GHSA-r6q2-hw4h-h46w] Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
#6733 opened Jan 28, 2026 by ssushant0011 Loading…
2
[GHSA-rqff-837h-mm52] Authorization bypass in url-parse Keep
#6723 opened Jan 26, 2026 by ljharb Loading…
2
[GHSA-xgcg-2hvp-fj6w] A cross-site scripting (XSS) vulnerability exists in...
#6716 opened Jan 26, 2026 by berkpseSICKAG Loading…
[GHSA-77c8-xpc7-q24c] The built-in XY Chart plugin is vulnerable to a DOM XSS...
#6715 opened Jan 26, 2026 by berkpseSICKAG Loading…
[GHSA-w5j6-7wpf-g6rw] A security vulnerability in the /apis/dashboard.grafana...
#6714 opened Jan 26, 2026 by berkpseSICKAG Loading…
1
[GHSA-98pr-9hw5-crg3] An open redirect vulnerability has been identified in...
#6713 opened Jan 26, 2026 by berkpseSICKAG Loading…
1
[GHSA-8v38-pw62-9cw2] url-parse Incorrectly parses URLs that include an '@' Keep
#6700 opened Jan 24, 2026 by ljharb Loading…
2
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638 opened Jan 12, 2026 by gdsmith Loading…
3
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636 opened Jan 10, 2026 by mistressxalexis Loading…
1
[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball Stale
#6581 opened Dec 27, 2025 by kristentr Loading…
4
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573 opened Dec 22, 2025 by G-Rath Loading…
7
ProTip! Filter pull requests by the default branch with base:main.