GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
zip Incorrectly Canonicalizes Paths during Archive Extraction Leading to Arbitrary File Write
High
CVE-2025-29787
was published
for
zip
(Rust)
Mar 17, 2025
FrankenPHP's unicode case-folding length expansion causes incorrect split_path index (SCRIPT_NAME/PATH_INFO confusion) in FrankenPHP
High
CVE-2026-24895
was published
for
github.com/dunglas/frankenphp
(Go)
Feb 12, 2026
Vite: `server.fs.deny` bypassed with queries
High
CVE-2026-39364
was published
for
vite
(npm)
Apr 6, 2026
ProTip!
Advisories are also available from the
GraphQL API