GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
490 advisories
js-yaml has prototype pollution in merge (<<)
Moderate
CVE-2025-64718
was published
for
js-yaml
(npm)
Nov 14, 2025
rollbar vulnerable to Prototype Pollution in merge()
Moderate
CVE-2025-62517
was published
for
rollbar
(npm)
Oct 23, 2025
rollbar vulnerable to prototype pollution
Low
CVE-2025-57325
was published
for
rollbar
(npm)
Oct 20, 2025
happy-dom's `--disallow-code-generation-from-strings` is not sufficient for isolating untrusted JavaScript
Critical
CVE-2025-62410
was published
for
happy-dom
(npm)
Oct 15, 2025
`sveltekit-superforms` has Prototype Pollution in `parseFormData` function of `formData.js`
High
CVE-2025-62381
was published
for
sveltekit-superforms
(npm)
Oct 15, 2025
Parse Javascript SDK vulnerable to prototype pollution in `Parse.Object` and internal APIs
Moderate
CVE-2025-62374
was published
for
parse
(npm)
Oct 14, 2025
Duplicate Advisory: rollbar vulnerable to prototype pollution
Low
GHSA-m929-rg27-gj99
was published
for
rollbar
(npm)
Sep 24, 2025
•
withdrawn
parse is vulnerable to prototype pollution
Moderate
CVE-2025-57324
was published
for
parse
(npm)
Sep 24, 2025
Withdrawn Advisory: fast-redact vulnerable to prototype pollution
Low
CVE-2025-57319
was published
for
fast-redact
(npm)
Sep 24, 2025
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API