GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2025-59527
was published
for
flowise
(npm)
Sep 15, 2025
Flowise has Remote Code Execution vulnerability
Critical
CVE-2025-59528
was published
for
flowise
(npm)
Sep 15, 2025
lobe-chat has an Open Redirect
Moderate
CVE-2025-59426
was published
for
@lobehub/chat
(npm)
Sep 24, 2025
FlowiseAI/Flosise has File Upload vulnerability
High
CVE-2025-61687
was published
for
flowise
(npm)
Oct 8, 2025
Argo Workflow has a Zipslip Vulnerability
High
CVE-2025-62156
was published
for
github.com/argoproj/argo-workflows/v3
(Go)
Oct 14, 2025
reflex-dev/reflex has an Open Redirect vulnerability
Low
CVE-2025-62379
was published
for
reflex
(pip)
Oct 15, 2025
Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module
Low
CVE-2025-62505
was published
for
@lobehub/chat
(npm)
Oct 17, 2025
Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host
Moderate
CVE-2025-66405
was published
for
@portkey-ai/gateway
(npm)
Dec 2, 2025
ProTip!
Advisories are also available from the
GraphQL API