GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
4 advisories
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File (Path Traversal)
High
CVE-2026-50015
was published
for
pnpm
(npm)
pnpm: Git Fetch Argument Injection via Lockfile resolution.commit
Moderate
CVE-2026-50014
was published
for
pnpm
(npm)
pnpm Has an Integrity Check Bypass via Missing Lockfile Integrity Field
Moderate
CVE-2026-50021
was published
for
pnpm
(npm)
Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)
High
CVE-2026-45401
was published
for
open-webui
(pip)
ProTip!
Advisories are also available from the
GraphQL API
