10 Pull requests merged by 6 people

• Update GHSA-mqcp-p2hv-vw6x.json

  #5912 merged Aug 5, 2025

• [GHSA-9j5q-479x-43g2] A prototype pollution in the function deepMerge of ...

  #5902 merged Aug 5, 2025

• [GHSA-8554-jxcw-454q] Webargs mishandles concurrent JSON parsing

  #5899 merged Aug 4, 2025

• [GHSA-rr8j-7w34-xp5j] Vault Community Edition privilege escalation vulnerability

  #5898 merged Aug 4, 2025

• [GHSA-g233-2p4r-3q7v] Hashicorp Vault vulnerable to denial of service through memory exhaustion

  #5897 merged Aug 4, 2025

• [GHSA-jg74-mwgw-v6x3] Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

  #5896 merged Aug 4, 2025

• [GHSA-2gh3-rmm4-6rq5] Crash due to uncontrolled recursion in protobuf crate

  #5880 merged Aug 1, 2025

• [GHSA-rxf6-323f-44fc] rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS

  #5881 merged Aug 1, 2025

• [GHSA-9qm3-6qrr-c76m] A prototype pollution vulnerability exists in @nyariv...

  #5877 merged Jul 31, 2025

• [GHSA-rhrv-645h-fjfh] Apache Avro Java SDK vulnerable to Improper Input Validation

  #5876 merged Jul 31, 2025

1 Pull request opened by 1 person

• [GHSA-3rw8-4xrq-3f7p] Uptime Kuma ReDoS vulnerability

  #5969 opened Aug 6, 2025

3 Issues closed by 1 person

• > https://minepi.com/blog/pi-lockup/

  #5905 closed Aug 5, 2025

• GHSA-w596-4wvx-j9j6 should be withdrawn

  #5878 closed Aug 1, 2025

• Lost assets

  #5874 closed Jul 31, 2025

2 Issues opened by 1 person

• Since "Router firmware" or "Embedded device" ecosystem is not present!!

  #5886 opened Aug 2, 2025

• There is no option labeled "PHP" in the ecosystem dropdown.

  #5885 opened Aug 2, 2025

6 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Support Haskell ecosystem advisories

  #5858 commented on Aug 2, 2025 • 0 new comments

• A question about review priority

  #4832 commented on Aug 3, 2025 • 0 new comments

• [GHSA-m8p2-495h-ccmh] The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

  #5791 commented on Aug 2, 2025 • 0 new comments

• [GHSA-8w3f-4r8f-pf53] Remote code execution through js2py onCaptchaResult

  #5809 commented on Aug 2, 2025 • 0 new comments

• [GHSA-fr5w-98mc-jjvg] Arbitrary file upload in Mingsoft MCMS

  #5834 commented on Aug 7, 2025 • 0 new comments

• [GHSA-h57w-vh34-f8cw] Code injection in mingSoft MCMS

  #5835 commented on Aug 3, 2025 • 0 new comments