GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
@digitalocean/do-markdownit has Type Confusion vulnerability
Moderate
CVE-2025-59717
was published
for
@digitalocean/do-markdownit
(npm)
Sep 19, 2025
@sequa-ai/sequa-mcp has Command Injection vulnerability
Moderate
CVE-2025-10619
was published
for
@sequa-ai/sequa-mcp
(npm)
Sep 17, 2025
matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Moderate
CVE-2025-59160
was published
for
matrix-js-sdk
(npm)
Sep 16, 2025
Duplicate Advisory: express-xss-sanitizer has an unbounded recursion depth
Moderate
GHSA-qhwp-454g-2gv4
was published
for
express-xss-sanitizer
(npm)
Sep 15, 2025
•
withdrawn
jsondiffpatch is vulnerable to Cross-site Scripting (XSS) via HtmlFormatter::nodeBegin
Moderate
CVE-2025-9910
was published
for
jsondiffpatch
(npm)
Sep 11, 2025
Decap CMS Cross Site Scripting (XSS) vulnerability
Moderate
CVE-2025-57520
was published
for
decap-cms
(npm)
Sep 10, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/users.js
Moderate
CVE-2025-9095
was published
for
express-gateway
(npm)
Aug 18, 2025
ExpressGateway Cross-Site Scripting Vulnerability in lib/rest/routes/apps.js
Moderate
CVE-2025-9096
was published
for
express-gateway
(npm)
Aug 18, 2025
ProTip!
Advisories are also available from the
GraphQL API