GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Sliver has Potential Zip Bomb Denial of Service in GzipEncoder
High
GHSA-2phg-qgmm-r638
was published
for
github.com/BishopFox/sliver
(Go)
Feb 25, 2026
pgadmin4 has a Meta-Command Filter Command Execution
Critical
CVE-2025-13780
was published
for
pgadmin4
(pip)
Dec 11, 2025
urllib3 streaming API improperly handles highly compressed data
High
CVE-2025-66471
was published
for
urllib3
(pip)
Dec 5, 2025
Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU)
High
CVE-2025-64509
was published
for
bugsink
(pip)
Nov 13, 2025
Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation
High
CVE-2025-6176
was published
for
Scrapy
(pip)
Oct 31, 2025
Litestar has potential log injection in exception logging
Low
GHSA-674p-xv2x-rf3g
was published
for
litestar
(pip)
Aug 11, 2025
fastapi-guard is vulnerable to ReDoS through inefficient regex
Moderate
CVE-2025-53539
was published
for
fastapi-guard
(pip)
Jul 7, 2025
ProTip!
Advisories are also available from the
GraphQL API