GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
OneUptime has Synthetic Monitor RCE via exposed Playwright browser object
Critical
CVE-2026-30957
was published
for
@oneuptime/common
(npm)
Mar 10, 2026
OneUptime: Synthetic Monitor RCE via exposed Playwright browser object
Critical
CVE-2026-30921
was published
for
@oneuptime/common
(npm)
Mar 7, 2026
OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution
High
CVE-2026-22812
was published
for
opencode-ai
(npm)
Jan 13, 2026
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write
High
CVE-2025-68697
was published
for
n8n
(npm)
Dec 26, 2025
webpack-dev-server users' source code may be stolen when they access a malicious web site
Moderate
CVE-2025-30359
was published
for
webpack-dev-server
(npm)
Jun 4, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24361
was published
for
@nuxt/rspack-builder
(npm)
Jan 27, 2025
Escalation of privileges in @sap/xssec
Critical
CVE-2023-49583
was published
for
@sap/xssec
(npm)
Dec 12, 2023
ProTip!
Advisories are also available from the
GraphQL API