| CVE-2026-9697 | |
| CVE-2026-9678 | |
| GHSA-pr7r-676h-xcf6 | |
| GHSA-vmh5-mc38-953g | |
| GHSA-f38q-mgvj-vph7 | |
| GHSA-wqvq-jvpq-h66f | |
| GHSA-268h-hp4c-crq3 | |
| GHSA-gvmj-g25r-r7wr | |
| GHSA-r7g4-qg5f-qqm2 | |
| Directory Traversal | |
| GHSA-rp9w-3fw7-7cwq | |
| CVE-2026-49978 | |
| GHSA-76mc-f452-cxcm | |
| GHSA-4x5r-pxfx-6jf8 | |
| GHSA-vxr8-fq34-vvx9 | |
| Uncontrolled Recursion | |
| GHSA-x4vx-rjvf-j5p4 | |
| Uncontrolled Recursion | |
| GHSA-wcpc-wj8m-hjx6 | |
| GHSA-hmw2-7cc7-3qxx | |
| Resource Exhaustion | |
| GHSA-96hv-2xvq-fx4p | |
| CVE-2026-49459 | |
| GHSA-hpcv-96wg-7vj8 | |
| CVE-2026-49458 | |
| CVE-2026-12143 | |
| GHSA-r47g-fvhr-h676 | |
| CVE-2026-48069 | |
| GHSA-5375-pq7m-f5r2 | |
| CVE-2026-48068 | |
| GHSA-99f4-grh7-6pcq | |
| GHSA-j3q9-mxjg-w52f | |
| GHSA-p9ff-h696-f583 | |
| CVE-2026-4926 | |
| GHSA-93m4-6634-74q7 | |
| GHSA-27v5-c462-wpq7 | |
| CVE-2026-4923 | |
| GHSA-jqfw-vq24-v9c3 | |
| Information Exposure | |
| Directory Traversal | |
| Resource Exhaustion | |
| GHSA-v6h2-p8h4-qcjw | |
| Directory Traversal | |
| GHSA-g4jq-h2w9-997c | |
| Directory Traversal | |
| CVE-2026-2229 | |
| GHSA-f269-vfmq-vjvj | |
| GHSA-v9p9-hfj2-hcw8 | |
| CVE-2026-1526 | |
| CVE-2026-1525 | |
| GHSA-4992-7rv2-5pvq | |
| CVE-2026-1527 | |
| CVE-2026-1528 | |
| GHSA-2mjp-6q6p-2qxm | |
| GHSA-vrm6-8vpv-qv8q | |
| GHSA-654m-c8p4-x5fp | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| HTTP Response Splitting | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-35jp-ww65-95wh | |
| GHSA-pjwm-pj3p-43mv | |
| GHSA-898c-q2cr-xwhg | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| CVE-2026-8723 | |
| GHSA-hm8q-7f3q-5f36 | |
| GHSA-q8mj-m7cp-5q26 | |
| Improper Validation of Specified Quantity in Input | |
| Information Exposure Through Caching | |
| GHSA-qp7p-654g-cw7p | |
| Arbitrary Code Injection | |
| GHSA-p77w-8qqv-26rm | |
| GHSA-58qx-3vcg-4xpx | |
| GHSA-3qcw-2rhx-2726 | |
| Resource Exhaustion | |
| Untrusted Search Path | |
| Cross-site Request Forgery (CSRF) | |
| GHSA-jxxr-4gwj-5jf2 | |
| Use of Uninitialized Resource | |
| Uncontrolled Recursion | |
| GHSA-jggg-4jg4-v7c6 | |
| GHSA-hcf7-66rw-9f5r | |
| GHSA-pmwg-cvhr-8vh7 | |
| GHSA-3w6x-2g7m-8v23 | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| GHSA-q3j6-qgpj-74h6 | |
| Improper Authentication | |
| GHSA-v39h-62p7-jpjc | |
| GHSA-q8qp-cvcw-x6jj | |
| Improper Handling of Exceptional Conditions | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-6chq-wfr3-2hj9 | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-445q-vr5w-6q77 | |
| GHSA-vf2m-468p-8v99 | |
| GHSA-pf86-5x62-jrwf | |
| GHSA-3644-q5cj-c5c7 | |
| Deserialization of Untrusted Data | |
| CRLF Injection | |
| GHSA-5c9x-8gcm-mpgx | |
| GHSA-62hf-57xw-28j9 | |
| Improper Access Control | |
| Permissive Whitelist | |
| GHSA-v2v4-37r5-5v8g | |
| GHSA-w9j2-pvgh-6h63 | |
| CVE-2026-6322 | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2026-6321 | |
| Improper Encoding or Escaping of Output | |
| Uncontrolled Recursion | |
| Permissive Whitelist | |
| GHSA-q7rr-3cgh-j5r3 | |
| GHSA-xx6v-rp6x-q39c | |
| GHSA-m7pr-hjqh-92cm | |
| HTTP Response Splitting | |
| GHSA-xhjh-pmcv-23jw | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-qx2v-qp2m-jg93 | |
| Cross-site Scripting (XSS) | |
| XML Injection | |
| GHSA-w5hq-g745-h8pq | |
| GHSA-gh4j-gqv2-49f6 | |
| Out-of-bounds Write | |
| Information Exposure | |
| Uncontrolled Recursion | |
| GHSA-48c2-rrv3-qjmp | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-xq3m-2v4x-88gg | |
| Arbitrary Code Injection | |
| GHSA-rr7j-v2q5-chgv | |
| GHSA-39q2-94rc-95cp | |
| GHSA-fw9q-39r9-c252 | |
| GHSA-q4gf-8mx6-v5v3 | |
| GHSA-r4q5-vmmm-2653 | |
| GHSA-458j-xx4x-4375 | |
| GHSA-wmmm-f939-6g9c | |
| Directory Traversal | |
| Incorrect Behavior Order: Validate Before Canonicalize | |
| GHSA-chqc-8p9q-pq6q | |
| GHSA-26pp-8wgv-hjvm | |
| Directory Traversal | |
| Improper Input Validation | |
| GHSA-xf4j-xp2r-rqqx | |
| GHSA-6v7q-wjvx-w8wg | |
| GHSA-r5rp-j6wh-rvv4 | |
| Directory Traversal | |
| Directory Traversal | |
| GHSA-xpcf-pg52-r92g | |
| CRLF Injection | |
| GHSA-4w7w-66w2-5vf9 | |
| GHSA-92pp-h63x-v22m | |
| GHSA-fvcv-3m26-pcqx | |
| HTTP Response Splitting | |
| GHSA-3p68-rc4w-qgx5 | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| GHSA-c7w3-x93f-qmm8 | |
| GHSA-vvjj-xcjg-gr5g | |
| CVE-2026-4800 | |
| GHSA-vpq2-c234-7xj6 | |
| CVE-2026-2950 | |
| Resource Exhaustion | |
| GHSA-737v-mqg7-c878 | |
| GHSA-r5fr-rjxr-66jc | |
| CVE-2026-3449 | |
| GHSA-f23m-r3pf-42rh | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| GHSA-f886-m6hf-6m8v | |
| GHSA-8cpq-38p9-67gx | |
| GHSA-38f7-945m-qr2g | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| CVE-2025-61732 | |
| GHSA-j3gx-2473-5fp8 | |
| Allocation of Resources Without Limits or Throttling | |
| GHSA-f7gr-6p89-r883 | |
| Direct Request ('Forced Browsing') | |
| Cross-site Scripting (XSS) | |
| GHSA-wmrf-hv6w-mr66 | |
| GHSA-rf6f-7fwh-wjgh | |
| Cross-site Scripting (XSS) | |
| GHSA-25h7-pfq9-p65f | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| GHSA-46wh-pxpv-q5gq | |
| SQL Injection | |
| Race Condition | |
| GHSA-crpf-4hrx-3jrp | |
| GHSA-m56q-vw4c-c2cp | |
| GHSA-h355-32pf-p2xm | |
| GHSA-jp2q-39xq-3w4g | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| GHSA-rv83-g57w-fr8j | |
| Uncontrolled Recursion | |
| Improper Validation of Specified Quantity in Input | |
| GHSA-8jvr-vh7g-f8gx | |
| GHSA-phwv-c562-gvmh | |
| CVE-2025-68121 | |
| SQL Injection | |
| GHSA-ggv3-7p47-pfv8 | |
| Resource Exhaustion | |
| GHSA-3x4c-7xq6-9pq8 | |
| HTTP Request Smuggling | |
| Incorrect Authorization | |
| GHSA-wc8c-qw6v-h7f6 | |
| Cross-site Scripting (XSS) | |
| GHSA-v8jm-5vwx-cfxm | |
| GHSA-v2wj-7wpq-c8vv | |
| Cross-site Scripting (XSS) | |
| GHSA-v8w9-8mx6-g223 | |
| GHSA-5c6j-r48x-rmvq | |
| Directory Traversal | |
| Inefficient Regular Expression Complexity | |
| CVE-2025-61730 | |
| GHSA-9r54-q6cx-xmh5 | |
| GHSA-gr56-3gp6-6gmj | |
| GHSA-r354-f388-2fhh | |
| Race Condition | |
| GHSA-8fgc-7cc6-rx7x | |
| CVE-2025-66478 | |
| GHSA-9qr9-h5gf-34mp | |
| GHSA-3vhc-576x-3qv4 | |
| CVE-2025-59471 | |
| GHSA-h25m-26qc-wcjf | |
| CVE-2025-59472 | |
| Information Exposure | |
| Improper Verification of Cryptographic Signature | |
| GHSA-mwv6-3258-q52c | |
| Improper Check for Unusual or Exceptional Conditions | |
| GHSA-f67f-6cw9-8mq4 | |
| CVE-2025-61731 | |
| GHSA-37qj-frw5-hhjh | |
| GHSA-6475-r3vj-m8vf | |
| GHSA-w37m-7fhw-fmv9 | |
| GHSA-v34v-rq6j-cj6p | |
| GHSA-w7fw-mjwx-w883 | |
| CVE-2026-2391 | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| GHSA-36hm-qxxp-pg3m | |
| GHSA-6wqw-2p9w-4vw4 | |
| GHSA-43fc-jf86-j433 | |
| CVE-2025-66400 | |
| Insecure Default Initialization of Resource | |
| GHSA-w48q-cv73-mx4w | |
| GHSA-4fh9-h7wg-q85m | |
| Cross-site Scripting (XSS) | |
| Information Exposure Through Caching | |
| Incorrect Regular Expression | |
| Inefficient Regular Expression Complexity | |
| GHSA-869p-cjfg-cm3x | |
| Out-of-bounds Write | |
| GHSA-rcmh-qjqh-p98v | |
| Improper Verification of Cryptographic Signature | |
| Improper Check or Handling of Exceptional Conditions | |
| Improper Input Validation | |
| GHSA-gq3j-xvxp-8hrf | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-g9mf-h72j-4rw9 | |
| Directory Traversal | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-cm6p-qc7v-m3jw | |
| CVE-2025-13465 | |
| Resource Exhaustion | |
| GHSA-xvqr-69v8-f3gv | |
| GHSA-43p4-m455-4f4j | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Server-Side Request Forgery (SSRF) | |
| GHSA-38r7-794h-5758 | |
| GHSA-5rq4-664w-9x2c | |
| GHSA-3ppc-4f35-3m26 | |
| GHSA-2g4f-4pwh-qvx6 | |
| GHSA-9g9p-9gw9-jx7f | |
| GHSA-73rr-hh4g-fpgx | |
| CVE-2025-15284 | |
| GHSA-345p-7cg4-v4c7 | |
| GHSA-xxjr-mmjv-4gpg | |
| GHSA-5f7q-jpqc-wp7h | |
| GHSA-w332-q679-j88p | |
| GHSA-mw96-cpmx-2vgc | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Verification of Cryptographic Signature | |
| GHSA-6rw7-vpxm-498p | |
