Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
@angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker High
CVE-2026-54264 was published for @angular/service-worker (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, alan-agius4, JeanMeche, and josephperrott alan-agius4 alan-agius4
JeanMeche JeanMeche josephperrott josephperrott
LangSmith SDK: Streaming token events bypass output redaction Moderate
CVE-2026-41182 was published for langsmith (npm) Apr 16, 2026
Ryu7zz Credited to Ryu7zz
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client High
CVE-2025-66035 was published for @angular/common (npm) Nov 26, 2025
alan-agius4 Credited to alan-agius4, AndrewKushnir, irsl, hybrist, and AKiileX AndrewKushnir AndrewKushnir
irsl irsl hybrist hybrist AKiileX AKiileX
Matrix SDK for React's URL preview setting for a room is controllable by the homeserver Moderate
CVE-2024-42347 was published for matrix-react-sdk (npm) Aug 6, 2024
Withdrawn Advisory: Incorrect Authorization in cross-fetch Moderate
CVE-2022-1365 was published for cross-fetch (npm) Apr 17, 2022 withdrawn
cysp Credited to cysp and AndrewMohawk AndrewMohawk AndrewMohawk
Forwarding of confidentials headers to third parties in fluture-node Low
CVE-2022-24719 was published for fluture-node (npm) Mar 1, 2022
Exposure of sensitive information in follow-redirects High
CVE-2022-0155 was published for follow-redirects (npm) Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API