GHSA-64X6-Q8PQ-XJMG vulnerabilities

Vulnerabilities for packages: firefox...

GHSA-RWVC-J5JR-MGVH vulnerabilities

Vulnerabilities for packages: kibana...

GHSA-8Q63-W3PX-VG38 vulnerabilities

Vulnerabilities for packages: ffmpeg...

GHSA-VM5P-43QH-7PMQ

creationtimestamp| type| source ---|---|--- 2026-01-06 17:06:07+00:00| seen| Telegram/NtgdGeZWqROuFZ2INFVIF7wbiZX6L2oMH79jCDcZlZLsnY...

GHSA-MRFV-M5WM-5W6W libsodium has Incomplete List of Disallowed Inputs

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. This advisoory...

MAL-2025-192988 Malicious code in yellowdiscordlookup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a458f47de1b6a86fa1139c7fa7def7c0035d181b6db01d635374e0e6058893a9 The package yellowdiscordlookup was found to contain malicious code. Source: ghsa-malware...

CVE-2025-68951

creationtimestamp| type| source ---|---|--- 2025-12-29 10:11:32+00:00| published-proof-of-concept| https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-jv8r-hv7q-p6vc...

CVE-2025-67743

creationtimestamp| type| source ---|---|--- 2025-12-22 23:48:26+00:00| published-proof-of-concept| https://github.com/LearningCircuit/local-deep-research/security/advisories/GHSA-9c54-gxh7-ppjc...

GHSA-W853-JP5J-5J7F vulnerabilities

Vulnerabilities for packages: open-webui, airflow, py3-cassandra-medusa, kserve, mlflow...

GHSA-CFPF-HRX2-8RV6 vulnerabilities

Vulnerabilities for packages: opentelemetry-collector, amazon-cloudwatch-agent, argo-cd, tempo, argo-workflows, opentelemetry-collector-contrib, argo-rollouts, jaeger, nats, splunk-otel-collector, verticadb-operator, k8sgpt, aws-otel-collector, kubeflow-pipelines, kserve, grafana-alloy, kine, ked...

CVE-2025-68142

creationtimestamp| type| source ---|---|--- 2025-12-15 22:07:58+00:00| published-proof-of-concept| https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-r6h4-mm7h-8pmq...

CVE-2025-68130

creationtimestamp| type| source ---|---|--- 2025-12-15 19:48:47+00:00| published-proof-of-concept| https://github.com/trpc/trpc/security/advisories/GHSA-43p4-m455-4f4j...

GHSA-9965-VMPH-33XX vulnerabilities

Vulnerabilities for packages: sqlpad, saf, redisinsight...

GHSA-GVMQ-HR29-XRX3 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-X93G-7WJC-5JQW vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-6PGW-376W-JRXX vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-533C-PPXJ-MJQJ vulnerabilities

Vulnerabilities for packages: gitlab-operator-fips...

GHSA-QGVM-92M2-J87G vulnerabilities

Vulnerabilities for packages: gitlab-operator-fips...

CVE-2025-66220

creationtimestamp| type| source ---|---|--- 2025-12-03 17:01:36+00:00| published-proof-of-concept| https://github.com/envoyproxy/envoy/security/advisories/GHSA-rwjg-c3h2-f57p...

CVE-2025-66297

creationtimestamp| type| source ---|---|--- 2025-12-01 15:55:48+00:00| published-proof-of-concept| https://github.com/getgrav/grav/security/advisories/GHSA-858q-77wx-hhx6...