GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
13 advisories
@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse
High
CVE-2026-25536
was published
for
@modelcontextprotocol/sdk
(npm)
Feb 4, 2026
jsPDF has Shared State Race Condition in addJS Plugin
Moderate
CVE-2026-24040
was published
for
jspdf
(npm)
Feb 2, 2026
@envelop/graphql-modules has a Race Condition vulnerability
High
GHSA-h3hw-29fv-2x75
was published
for
@envelop/graphql-modules
(npm)
Jan 21, 2026
Turbo Frame responses can restore stale session cookies
Low
CVE-2025-66803
was published
for
@hotwired/turbo
(npm)
Jan 20, 2026
GraphQL Modules has a Race Condition issue
High
CVE-2026-23735
was published
for
graphql-modules
(npm)
Jan 16, 2026
node-tar has a race condition leading to uninitialized memory exposure
Moderate
CVE-2025-64118
was published
for
tar
(npm)
Oct 30, 2025
Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
High
CVE-2025-59052
was published
for
@angular/platform-server
(npm)
Sep 10, 2025
Taylor has race condition in /get-patch that allows purchase token replay
Low
GHSA-vh5j-5fhq-9xwg
was published
for
taylored
(npm)
Jun 27, 2025
Next.js Race Condition to Cache Poisoning
Low
CVE-2025-32421
was published
for
next
(npm)
May 15, 2025
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Moderate
CVE-2024-35255
was published
for
@azure/identity
(Go)
Jun 11, 2024
ProTip!
Advisories are also available from the
GraphQL API