Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

31 advisories

Loading
dssrf: every IPv6 category bypasses is_url_safe High
CVE-2026-44232 was published for dssrf (npm) May 6, 2026
b-hermes Credited to b-hermes and HackingRepo HackingRepo HackingRepo
netfoil's optional seccomp sandboxing was not applied Moderate
GHSA-vjgj-42f6-7997 was published for github.com/tinfoil-factory/netfoil (Go) Apr 29, 2026
AstrBot has Incomplete Filtering of Special Elements Low
CVE-2026-6984 was published for AstrBot (pip) Apr 25, 2026
PyBlade: SSTI/RCE via Bypassed AST Validation in sandbox.py Low
CVE-2026-5559 was published for pyblade (pip) Apr 5, 2026
datapizza-ai: Server-Side Template Injection in ChatPromptTemplate via Jinja2 Template Handler Low
CVE-2026-2969 was published for datapizza-ai-core (pip) Feb 23, 2026
pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function Low
CVE-2025-6518 was published for pyspur (pip) Jun 23, 2025
AngularJS Incomplete Filtering of Special Elements vulnerability Moderate
CVE-2025-2336 was published for angular-sanitize (npm) Jun 4, 2025
AngularJS improperly sanitizes SVG elements Low
CVE-2025-0716 was published for angular (npm) Apr 29, 2025
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8373 was published for angular (npm) Sep 9, 2024
ProTip! Advisories are also available from the GraphQL API