| Directory Traversal | |
| Improper Handling of Unicode Encoding | |
| GHSA-qffp-2rhf-9h96 | |
| GHSA-r6q2-hw4h-h46w | |
| Directory Traversal | |
| Interpretation Conflict | |
| Directory Traversal | |
| Directory Traversal | |
| GHSA-vmf3-w455-68vh | |
| GHSA-8qq5-rm4j-mr97 | |
| GHSA-9ppj-qmqm-q256 | |
| GHSA-83g3-92jg-28cx | |
| GHSA-34x7-hfp2-rc4v | |
| Directory Traversal | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-rf6f-7fwh-wjgh | |
| GHSA-25h7-pfq9-p65f | |
| Uncontrolled Recursion | |
| GHSA-22p9-wv53-3rq4 | |
| Inefficient Regular Expression Complexity | |
| GHSA-w7jw-789q-3m8p | |
| CVE-2026-9277 | |
| GHSA-fvcv-3m26-pcqx | |
| Uncontrolled Recursion | |
| GHSA-f6ww-3ggp-fr8h | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Encoding or Escaping of Output | |
| XML Injection | |
| GHSA-5xrq-8626-4rwp | |
| GHSA-3v7f-55p6-f55p | |
| GHSA-3ppc-4f35-3m26 | |
| CVE-2026-12143 | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| GHSA-5prr-v3j2-97mh | |
| GHSA-v62p-rq8g-8h59 | |
| Server-Side Request Forgery (SSRF) | |
| Permissive Whitelist | |
| GHSA-48c2-rrv3-qjmp | |
| GHSA-445q-vr5w-6q77 | |
| GHSA-5c9x-8gcm-mpgx | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-898c-q2cr-xwhg | |
| GHSA-65ch-62r8-g69g | |
| Permissive Whitelist | |
| Integer Overflow or Wraparound | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Resource Exhaustion | |
| GHSA-xhjh-pmcv-23jw | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Information Exposure | |
| CVE-2025-12816 | |
| GHSA-43fc-jf86-j433 | |
| GHSA-3g43-6gmg-66jw | |
| GHSA-23c5-xmqv-rm74 | |
| GHSA-j5f8-grm9-p9fc | |
| GHSA-wjv4-x9w8-wm3h | |
| Uncontrolled Recursion | |
| Uncontrolled Recursion | |
| GHSA-554w-wpv2-vw27 | |
| GHSA-62hf-57xw-28j9 | |
| XML Injection | |
| GHSA-xhf5-7wjv-pqxp | |
| GHSA-p67v-3w7g-wjg7 | |
| HTTP Response Splitting | |
| GHSA-777c-7fjr-54vf | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-pjwm-pj3p-43mv | |
| GHSA-h7cp-r72f-jxh6 | |
| HTTP Response Splitting | |
| Allocation of Resources Without Limits or Throttling | |
| Arbitrary Code Injection | |
| GHSA-hmw2-7cc7-3qxx | |
| CVE-2026-47262 | |
| GHSA-q67f-28xg-22rw | |
| CVE-2025-6545 | |
| GHSA-c2c7-rcm5-vvqj | |
| GHSA-j759-j44w-7fr8 | |
| Improper Verification of Cryptographic Signature | |
| GHSA-q8qp-cvcw-x6jj | |
| GHSA-pf86-5x62-jrwf | |
| CRLF Injection | |
| GHSA-9cv2-cfxc-v4v2 | |
| GHSA-2328-f5f3-gj25 | |
| Improper Authentication | |
| Improper Check for Unusual or Exceptional Conditions | |
| GHSA-5m6q-g25r-mvwx | |
| GHSA-q7cg-457f-vx79 | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-3p68-rc4w-qgx5 | |
| GHSA-wh4c-j3r5-mjhp | |
| GHSA-w9j2-pvgh-6h63 | |
| GHSA-ppp5-5v6c-4jwp | |
| Inefficient Regular Expression Complexity | |
| CVE-2025-6547 | |
| GHSA-phwj-rprq-35pp | |
| XML Injection | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Inefficient Regular Expression Complexity | |
| GHSA-r4q5-vmmm-2653 | |
| GHSA-2v35-w6hq-6mfw | |
| Improper Input Validation | |
| GHSA-8678-w3jw-xfc2 | |
| GHSA-5v8h-3h3q-446p | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Improper Input Validation | |
| GHSA-vf2m-468p-8v99 | |
| GHSA-hfxv-24rg-xrqf | |
| GHSA-jpcc-p29g-p8mq | |
| Allocation of Resources Without Limits or Throttling | |
| Uncontrolled Recursion | |
| GHSA-xx6v-rp6x-q39c | |
| Improper Input Validation | |
| GHSA-3w6x-2g7m-8v23 | |
| GHSA-m7pr-hjqh-92cm | |
| Information Exposure | |
| GHSA-6chq-wfr3-2hj9 | |
| GHSA-5gfm-wpxj-wjgq | |
| GHSA-wfpw-mmfh-qq69 | |
| GHSA-64mm-vxmg-q3vj | |
| GHSA-pmwg-cvhr-8vh7 | |
| GHSA-35jp-ww65-95wh | |
| Improper Certificate Validation | |
| Uncaught Exception | |
| GHSA-7r86-cg39-jmmj | |
| GHSA-p92q-9vqr-4j8v | |
| Directory Traversal | |
| XML Injection | |
| GHSA-4hjh-wcwx-xvwj | |
| GHSA-x6wf-f3px-wcqx | |
| Inefficient Regular Expression Complexity | |
| Algorithmic Complexity | |
| GHSA-fjxv-7rqg-78g4 | |
| CVE-2025-7783 | |
| CVE-2025-9287 | |
| GHSA-cpq7-6gpm-g9rc | |
| GHSA-95m3-7q98-8xr5 | |
| CVE-2025-9288 | |
| CVE-2026-50195 | |
| Symlink Following | |
| GHSA-rgh6-rfwx-v388 | |
| Improper Input Validation | |
| GHSA-cvxm-645q-p574 | |
| GHSA-33vj-92qq-66hc | |
| Cross-site Scripting (XSS) | |
| GHSA-3mfm-83xf-c92r | |
| Improper Check for Unusual or Exceptional Conditions | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| GHSA-9cx6-37pm-9jff | |
| GHSA-xhpv-hc6g-r9c6 | |
| Cross-site Scripting (XSS) | |
| GHSA-442j-39wm-28r2 | |
| Arbitrary Code Injection | |
| GHSA-xjpj-3mr7-gcpf | |
| GHSA-7rx3-28cr-v5wh | |
| GHSA-2w6w-674q-4c4q | |
| GHSA-2qvq-rjwj-gvw9 | |
| GHSA-5wrp-cwcj-q835 | |
| GHSA-hfvc-g4fc-pqhx | |
| Untrusted Search Path | |
| Uncontrolled Memory Allocation | |
| GHSA-3p65-76g6-3w7r | |
| Incorrect Authorization | |
| GHSA-f2g3-hh2r-cwgc | |
| Server-Side Request Forgery (SSRF) | |
| Improper Access Control | |
| GHSA-6pjf-3r9x-m592 | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-33mh-2634-fwr2 | |
| Uncontrolled Recursion | |
| GHSA-98m9-hrrm-r99r | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-5rv5-xj5j-3484 | |
| Directory Traversal | |
| GHSA-84xv-jfrm-h4gm | |
| GHSA-c32j-vqhx-rx3x | |
| Improper Neutralization | |
| Resource Exhaustion | |
| Authentication Bypass | |
| GHSA-c4fp-cxrr-mj66 | |
| Arbitrary Command Injection | |
| Improper Authentication | |
| GHSA-2vqw-3mp8-cgmx | |
| GHSA-qpgp-93vx-g8v8 | |
| GHSA-8p34-64r3-mwg8 | |
| Arbitrary Command Injection | |
| GHSA-46q3-7gv7-qmgg | |
| GHSA-v2fc-qm4h-8hqv | |
| GHSA-c4rq-3m3g-8wgx | |
| GHSA-h3gm-q7m7-mp28 | |
| GHSA-4279-q6mj-392r | |
| CVE-2026-42507 | |
| CVE-2026-27145 | |
| Directory Traversal | |
| GHSA-crhj-59gh-8x96 | |
| GHSA-m7cr-m3pv-hgrp | |
| Improper Encoding or Escaping of Output | |
| Improper Privilege Management | |
| GHSA-fqw6-gf59-qr4w | |
| GHSA-75xq-5h9v-w6px | |
| GHSA-q2mw-fvj9-vvcw | |
| Arbitrary Command Injection | |
| GHSA-vcgp-9326-pqcp | |
| Arbitrary Command Injection | |
| Allocation of Resources Without Limits or Throttling | |
| Missing Report of Error Condition | |
| GHSA-87pf-fpwv-p7m7 | |
| Algorithmic Complexity | |
| GHSA-hm49-wcqc-g2xg | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-fqvq-p2gc-c297 | |
| Missing Authorization | |
| GHSA-c73g-r4cp-2xmg | |
| Uncontrolled Recursion | |
| GHSA-m3xc-h892-ggx6 | |
| GHSA-qw64-3x98-g7q2 | |
| Directory Traversal | |
| GHSA-389r-gv7p-r3rp | |
| Incorrect Behavior Order: Validate Before Canonicalize | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-mh2q-q3fh-2475 | |
| GHSA-3xc5-wrhm-f963 | |
| Insufficiently Protected Credentials | |
| Out-of-bounds Write | |
| GHSA-qf3q-3h68-mmh2 | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-8g2r-hhvj-mv99 | |
| Link Following | |
| NULL Pointer Dereference | |
| GHSA-7f3r-gwc9-2995 | |
| GHSA-hg3h-g7xc-f7vp | |
| GHSA-p9h5-jm8x-mjm5 | |
| GHSA-jp94-3292-c3xv | |
| CVE-2026-42501 | |
| GHSA-5m4p-2gjx-p2g8 | |
| Partial Comparison | |
| GHSA-qc64-m6c2-v4x7 | |
| GHSA-xq5j-9r39-c3vf | |
| Exposed Dangerous Method or Function | |
| CVE-2026-42499 | |
| Open Redirect | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Directory Traversal | |
| GHSA-526f-jxpj-jmg2 | |