GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
268 advisories
Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode
Moderate
CVE-2025-64716
was published
for
github.com/TecharoHQ/anubis
(Go)
Oct 30, 2025
Follow Redirects improperly handles URLs in the url.parse() function
Moderate
CVE-2023-26159
was published
for
follow-redirects
(npm)
Jan 2, 2024
Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic
Moderate
CVE-2025-62595
was published
for
koa
(npm)
Oct 21, 2025
chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes
Moderate
GHSA-vrw8-fxc6-2r93
was published
for
github.com/go-chi/chi/v5
(Go)
Jun 20, 2025
lobe-chat has an Open Redirect
Moderate
CVE-2025-59426
was published
for
@lobehub/chat
(npm)
Sep 24, 2025
Google Sign-In for Rails allowed redirects to malformed URLs
Moderate
CVE-2025-57821
was published
for
google_sign_in
(RubyGems)
Aug 27, 2025
@astrojs/node's trailing slash handling causes open redirect issue
Moderate
CVE-2025-55207
was published
for
@astrojs/node
(npm)
Aug 15, 2025
svg-sanitizer Bypasses Attribute Sanitization
Moderate
CVE-2025-55166
was published
for
enshrined/svg-sanitize
(Composer)
Aug 12, 2025
Apache Tomcat Open Redirect vulnerability
Moderate
CVE-2023-41080
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Aug 25, 2023
Astros's duplicate trailing slash feature leads to an open redirection security issue
Moderate
CVE-2025-54793
was published
for
astro
(npm)
Aug 7, 2025
ProTip!
Advisories are also available from the
GraphQL API