GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
Flowise does not Prevent Bypass of Password Confirmation - Unverified Password Change
High
GHSA-fjh6-8679-9pch
was published
for
flowise-ui
(npm)
Nov 14, 2025
Flowise doesn't Prevent Bypass of Password Confirmation through Unverified Email Change (credentials)
High
GHSA-x39m-3393-3qp4
was published
for
flowise-ui
(npm)
Nov 14, 2025
Better Auth: Unauthenticated API key creation through api-key plugin
Critical
CVE-2025-61928
was published
for
better-auth
(npm)
Oct 9, 2025
Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
Critical
CVE-2025-58434
was published
for
flowise
(npm)
Sep 12, 2025
MCP Inspector proxy server lacks authentication between the Inspector client and proxy
Critical
CVE-2025-49596
was published
for
@modelcontextprotocol/inspector
(npm)
Jun 13, 2025
Withdrawn Advisory: Lunary Improper Authentication vulnerability
High
CVE-2024-6582
was published
for
lunary
(npm)
Sep 13, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API