GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10,902 advisories
node-tar has a race condition leading to uninitialized memory exposure
Moderate
CVE-2025-64118
was published
for
tar
(npm)
Oct 30, 2025
uv allows ZIP payload obfuscation through parsing differentials
Moderate
GHSA-pqhf-p39g-3x64
was published
for
uv
(pip)
Oct 29, 2025
DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload
Moderate
CVE-2025-64094
was published
for
DotNetNuke.Core
(NuGet)
Oct 29, 2025
DNN CKEditor Provider allows unauthenticated upload out-of-the-box
Moderate
CVE-2025-62802
was published
for
Dnn.Platform
(NuGet)
Oct 29, 2025
FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name
Moderate
CVE-2025-62801
was published
for
fastmcp
(pip)
Oct 29, 2025
FastMCP vulnerable to reflected XSS in client's callback page
Moderate
CVE-2025-62800
was published
for
fastmcp
(pip)
Oct 29, 2025
CKAN vulnerable to stored XSS in resource description
Moderate
CVE-2025-54384
was published
for
ckan
(pip)
Oct 29, 2025
ProTip!
Advisories are also available from the
GraphQL API