GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
React Server Components have multiple Denial of Service Vulnerabilities
High
CVE-2026-23864
was published
for
react-server-dom-parcel
(npm)
Jan 29, 2026
Next Vulnerable to Denial of Service with Server Components
High
GHSA-mwv6-3258-q52c
was published
for
next
(npm)
Dec 11, 2025
Denial of Service Vulnerability in React Server Components
High
CVE-2025-55184
was published
for
react-server-dom-parcel
(npm)
Dec 11, 2025
Claude Code Command Validation Bypass Allows Arbitrary Code Execution
High
CVE-2025-66032
was published
for
@anthropic-ai/claude-code
(npm)
Dec 3, 2025
SvelteKit framework has Insufficient CSRF protection for CORS requests
High
CVE-2023-29008
was published
for
@sveltejs/kit
(npm)
Apr 7, 2023
Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)
High
GHSA-qm7x-rc44-rrqw
was published
for
apollo-server
(npm)
Nov 8, 2021
XSS vulnerability in GraphQL Playground from untrusted schemas
High
CVE-2021-41249
was published
for
graphql-playground-react
(npm)
Nov 8, 2021
GraphiQL introspection schema template injection attack
High
CVE-2021-41248
was published
for
graphiql
(npm)
Nov 8, 2021
ProTip!
Advisories are also available from the
GraphQL API