GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
22,763 advisories
Gradio Allows Unauthorized File Copy via Path Manipulation
Moderate
CVE-2025-48889
was published
for
gradio
(pip)
May 29, 2025
Navidrome Transcoding Permission Bypass Vulnerability Report
High
CVE-2025-48948
was published
for
github.com/navidrome/navidrome
(Go)
May 29, 2025
Navidrome allows SQL Injection via role parameter
High
CVE-2025-48949
was published
for
github.com/navidrome/navidrome
(Go)
May 29, 2025
Fabio allows HTTP clients to manipulate custom headers it adds
Critical
CVE-2025-48865
was published
for
github.com/fabiolb/fabio
(Go)
May 29, 2025
Information exposure in Next.js dev server due to lack of origin verification
Low
CVE-2025-48068
was published
for
next
(npm)
May 28, 2025
vLLM Tool Schema allows DoS via Malformed pattern and type Fields
Moderate
CVE-2025-48944
was published
for
vllm
(pip)
May 28, 2025
vLLM allows clients to crash the openai server with invalid regex
Moderate
CVE-2025-48943
was published
for
vllm
(pip)
May 28, 2025
vLLM DOS: Remotely kill vllm over http with invalid JSON schema
Moderate
CVE-2025-48942
was published
for
vllm
(pip)
May 28, 2025
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Moderate
CVE-2025-46722
was published
for
vllm
(pip)
May 28, 2025
Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
Low
CVE-2025-46570
was published
for
vllm
(pip)
May 28, 2025
vLLM vulnerable to Regular Expression Denial of Service
Moderate
GHSA-j828-28rj-hfhp
was published
for
vllm
(pip)
May 28, 2025
vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
Moderate
CVE-2025-48887
was published
for
vllm
(pip)
May 28, 2025
Mautic has an Open Redirect vulnerability on user unlock path.
Moderate
CVE-2025-5256
was published
for
mautic/core
(Composer)
May 28, 2025
ProTip!
Advisories are also available from the
GraphQL API