GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Fastify's Missing End Anchor in "subtypeNameReg" Allows Malformed Content-Types to Pass Validation
Moderate
CVE-2026-3419
was published
for
fastify
(npm)
Mar 5, 2026
Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions
Moderate
CVE-2025-13465
was published
for
lodash
(npm)
Jan 21, 2026
body-parser is vulnerable to denial of service when url encoding is used
Moderate
CVE-2025-13466
was published
for
body-parser
(npm)
Nov 25, 2025
Express.js Open Redirect in malformed URLs
Moderate
CVE-2024-29041
was published
for
express
(npm)
Mar 25, 2024
ProTip!
Advisories are also available from the
GraphQL API