GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,290 advisories
NiceGUI's Path Traversal via Unsanitized FileUpload.name Enables Arbitrary File Write
High
CVE-2026-25732
was published
for
nicegui
(pip)
Feb 5, 2026
Qwik City Open Redirect via fixTrailingSlash
Low
CVE-2026-25149
was published
for
@builder.io/qwik-city
(npm)
Feb 3, 2026
WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow
Moderate
GHSA-grh9-37g7-53mj
was published
for
github.com/h44z/wg-portal
(Go)
Feb 2, 2026
NocoDB has Unvalidated Redirect in Login Flow via continueAfterSignIn Parameter
Moderate
CVE-2026-24768
was published
for
nocodb
(npm)
Jan 28, 2026
WeasyPrint has a Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect
High
CVE-2025-68616
was published
for
weasyprint
(pip)
Jan 20, 2026
chi has an open redirect vulnerability in the RedirectSlashes middleware
Moderate
GHSA-mqqf-5wvp-8fh8
was published
for
github.com/go-chi/chi
(Go)
Jan 14, 2026
React Router has unexpected external redirect via untrusted paths
Moderate
CVE-2025-68470
was published
for
react-router
(npm)
Jan 8, 2026
ProTip!
Advisories are also available from the
GraphQL API