| CVE-2026-46625 | |
| GHSA-qjx8-664m-686j | |
| GHSA-298w-vvm4-ww55 | |
| Information Exposure Through Caching | |
| GHSA-hm8q-7f3q-5f36 | |
| GHSA-v39h-62p7-jpjc | |
| CVE-2026-8723 | |
| GHSA-qp7p-654g-cw7p | |
| GHSA-v2v4-37r5-5v8g | |
| GHSA-q8mj-m7cp-5q26 | |
| GHSA-q3j6-qgpj-74h6 | |
| Cross-site Scripting (XSS) | |
| GHSA-p77w-8qqv-26rm | |
| CVE-2026-6322 | |
| Improper Validation of Specified Quantity in Input | |
| Arbitrary Code Injection | |
| CVE-2026-6321 | |
| GHSA-qj8w-gfj5-8c6v | |
| Resource Exhaustion | |
| Out-of-bounds Write | |
| GHSA-w5hq-g745-h8pq | |
| GHSA-445q-vr5w-6q77 | |
| GHSA-62hf-57xw-28j9 | |
| GHSA-w9j2-pvgh-6h63 | |
| GHSA-pmwg-cvhr-8vh7 | |
| GHSA-3w6x-2g7m-8v23 | |
| GHSA-xx6v-rp6x-q39c | |
| GHSA-pf86-5x62-jrwf | |
| GHSA-6chq-wfr3-2hj9 | |
| GHSA-vf2m-468p-8v99 | |
| GHSA-5c9x-8gcm-mpgx | |
| GHSA-m7pr-hjqh-92cm | |
| GHSA-xhjh-pmcv-23jw | |
| Permissive Whitelist | |
| Improper Encoding or Escaping of Output | |
| GHSA-r4q5-vmmm-2653 | |
| GHSA-j452-xhg8-qg39 | |
| Improper Authentication | |
| CRLF Injection | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Allocation of Resources Without Limits or Throttling | |
| HTTP Response Splitting | |
| Server-Side Request Forgery (SSRF) | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-q8qp-cvcw-x6jj | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Permissive Whitelist | |
| Uncontrolled Recursion | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2026-5758 | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| GHSA-xf4j-xp2r-rqqx | |
| Directory Traversal | |
| CRLF Injection | |
| Inefficient Regular Expression Complexity | |
| GHSA-fvcv-3m26-pcqx | |
| GHSA-92pp-h63x-v22m | |
| GHSA-26pp-8wgv-hjvm | |
| Directory Traversal | |
| GHSA-r5rp-j6wh-rvv4 | |
| GHSA-3p68-rc4w-qgx5 | |
| HTTP Response Splitting | |
| GHSA-chqc-8p9q-pq6q | |
| GHSA-wmmm-f939-6g9c | |
| GHSA-jg4p-7fhp-p32p | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| Incorrect Behavior Order: Validate Before Canonicalize | |
| Directory Traversal | |
| GHSA-6v7q-wjvx-w8wg | |
| Improper Input Validation | |
| GHSA-xpcf-pg52-r92g | |
| GHSA-jvff-x2qm-6286 | |
| CVE-2026-4800 | |
| GHSA-r5fr-rjxr-66jc | |
| GHSA-f23m-r3pf-42rh | |
| CVE-2026-2950 | |
| Improper Input Validation | |
| GHSA-jr5f-v2jv-69x6 | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-8mvj-3j78-4qmw | |
| GHSA-4hjh-wcwx-xvwj | |
| CVE-2025-15284 | |
| GHSA-76p7-773f-r4q5 | |
| Directory Traversal | |
| GHSA-rx8g-88g5-qh64 | |
| GHSA-x7hr-w5r2-h6wg | |
| GHSA-8r9q-7v3j-jr4g | |
| GHSA-f8cm-6447-x5h2 | |
| Inefficient Regular Expression Complexity | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2025-57352 | |
| GHSA-6rw7-vpxm-498p | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2026-4923 | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| GHSA-2328-f5f3-gj25 | |
| Arbitrary Code Injection | |
| GHSA-2qvq-rjwj-gvw9 | |
| Improper Check for Unusual or Exceptional Conditions | |
| Arbitrary Code Injection | |
| GHSA-ppp5-5v6c-4jwp | |
| GHSA-j3q9-mxjg-w52f | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2026-4926 | |
| Resource Exhaustion | |
| Improper Certificate Validation | |
| GHSA-5m6q-g25r-mvwx | |
| GHSA-7rx3-28cr-v5wh | |
| GHSA-q67f-28xg-22rw | |
| GHSA-442j-39wm-28r2 | |
| GHSA-3mfm-83xf-c92r | |
| GHSA-2w6w-674q-4c4q | |
| GHSA-f886-m6hf-6m8v | |
| Improper Input Validation | |
| GHSA-xjpj-3mr7-gcpf | |
| Arbitrary Code Injection | |
| GHSA-9cx6-37pm-9jff | |
| GHSA-27v5-c462-wpq7 | |
| Improper Verification of Cryptographic Signature | |
| GHSA-xhpv-hc6g-r9c6 | |
| GHSA-48c2-rrv3-qjmp | |
| Uncontrolled Recursion | |
| Improper Handling of URL Encoding (Hex Encoding) | |
| GHSA-wc8c-qw6v-h7f6 | |
| GHSA-3v7f-55p6-f55p | |
| GHSA-5pq2-9x2x-5p6w | |
| Inappropriate Comment Style | |
| GHSA-p6xx-57qc-3wxr | |
| Inefficient Regular Expression Complexity | |
| GHSA-c2c7-rcm5-vvqj | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-v8jm-5vwx-cfxm | |
| Arbitrary Code Injection | |
| Incorrect Authorization | |
| GHSA-q5qw-h33p-qvwr | |
| Cross-site Scripting (XSS) | |
| GHSA-7x6v-j9x4-qf24 | |
| Cross-site Scripting (XSS) | |
| Improper Encoding or Escaping of Output | |
| GHSA-wfv2-pwc8-crg5 | |
| Off-by-one Error | |
| GHSA-gmq8-994r-jv83 | |
| Directory Traversal | |
| GHSA-9ppj-qmqm-q256 | |
| GHSA-r6q2-hw4h-h46w | |
| Inefficient Regular Expression Complexity | |
| Directory Traversal | |
| Directory Traversal | |
| GHSA-34x7-hfp2-rc4v | |
| Algorithmic Complexity | |
| Directory Traversal | |
| CVE-2026-3449 | |
| GHSA-7r86-cg39-jmmj | |
| GHSA-2g4f-4pwh-qvx6 | |
| GHSA-vpq2-c234-7xj6 | |
| GHSA-8qq5-rm4j-mr97 | |
| Directory Traversal | |
| Inefficient Regular Expression Complexity | |
| GHSA-83g3-92jg-28cx | |
| Improper Handling of Unicode Encoding | |
| GHSA-23c5-xmqv-rm74 | |
| GHSA-3ppc-4f35-3m26 | |
| GHSA-qffp-2rhf-9h96 | |
| Inefficient Regular Expression Complexity | |
| Allocation of Resources Without Limits or Throttling | |
| Cross-site Scripting (XSS) | |
| GHSA-v2wj-7wpq-c8vv | |
| GHSA-46wh-pxpv-q5gq | |
| GHSA-v8w9-8mx6-g223 | |
| CVE-2026-2739 | |
| GHSA-378v-28hj-76wf | |
| GHSA-5rq4-664w-9x2c | |
| Directory Traversal | |
| GHSA-w7fw-mjwx-w883 | |
| Improper Encoding or Escaping of Output | |
| CVE-2026-2391 | |
| GHSA-67pg-wm7f-q7fj | |
| Resource Exhaustion | |
| GHSA-9vjf-qc39-jprp | |
| Arbitrary Code Injection | |
| GHSA-gq3j-xvxp-8hrf | |
| GHSA-p5xg-68wr-hm3m | |
| Race Condition | |
| GHSA-43fc-jf86-j433 | |
| GHSA-345p-7cg4-v4c7 | |
| Improper Check for Unusual or Exceptional Conditions | |
| Improper Encoding or Escaping of Output | |
| GHSA-95fx-jjr5-f39c | |
| Arbitrary Code Injection | |
| GHSA-vm32-vv63-w422 | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-pqxr-3g65-p328 | |
| GHSA-cjw8-79x6-5cj4 | |
| Race Condition | |
| CVE-2025-13465 | |
| GHSA-xxjr-mmjv-4gpg | |
| Insecure Default Initialization of Resource | |
| GHSA-w48q-cv73-mx4w | |
| GHSA-65ch-62r8-g69g | |
| CVE-2025-13466 | |
| GHSA-wqch-xfxh-vrr4 | |
| Integer Overflow or Wraparound | |
| GHSA-554w-wpv2-vw27 | |
| GHSA-5gfm-wpxj-wjgq | |
| CVE-2025-12816 | |
| Uncontrolled Recursion | |
| GHSA-mh29-5h37-fv8m | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Link Following | |
| CVE-2025-7783 | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Inefficient Regular Expression Complexity | |
| CVE-2024-4067 | |
| Inefficient Regular Expression Complexity | |
| CVE-2024-47764 | |
| CVE-2025-25977 | |
| Inefficient Regular Expression Complexity | |
| Server-Side Request Forgery (SSRF) | |
| CVE-2025-26791 | |
| CVE-2024-21538 | |
| CVE-2024-38996 | |
| CVE-2024-39001 | |
| CVE-2024-37890 | |
| CVE-2024-28863 | |
| CVE-2024-4068 | |
| CVE-2024-28849 | |
| Cross-site Request Forgery (CSRF) | |
| Open Redirect | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
