Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
slack-go `SecretsVerifier` accepts empty signing secret without precondition Moderate
GHSA-gxhx-2686-5h9g was published for github.com/slack-go/slack (Go) May 14, 2026
SnailSploit Credited to SnailSploit and massif-01 massif-01 massif-01
Netty HTTP/3 QPACK literal unbounded allocation High
CVE-2026-42582 was published for io.netty:netty-codec-http3 (Maven) May 7, 2026
violetagg Credited to violetagg, nicolaideffremo, normanmaurer, and massif-01 nicolaideffremo nicolaideffremo
normanmaurer normanmaurer massif-01 massif-01
elliott-with-the-longest-name-on-github Credited to elliott-with-the-longest-name-on-github, KarimPwnz, wim-vercel, mattiasljungstrom, Wenxin-Jiang, and massif-01 KarimPwnz KarimPwnz
wim-vercel wim-vercel mattiasljungstrom mattiasljungstrom Wenxin-Jiang Wenxin-Jiang massif-01 massif-01
Linkify Allows Prototype Pollution & HTML Attribute Injection (XSS) High
CVE-2025-8101 was published for linkifyjs (npm) Jul 26, 2025
saip007 Credited to saip007, caverav, and massif-01 caverav caverav
massif-01 massif-01
ProTip! Advisories are also available from the GraphQL API