GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching
Moderate
CVE-2026-33672
was published
for
picomatch
(npm)
Mar 25, 2026
Picomatch has a ReDoS vulnerability via extglob quantifiers
High
CVE-2026-33671
was published
for
picomatch
(npm)
Mar 25, 2026
@tootallnate/once vulnerable to Incorrect Control Flow Scoping
Low
CVE-2026-3449
was published
for
@tootallnate/once
(npm)
Mar 3, 2026
ProTip!
Advisories are also available from the
GraphQL API