GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href
Moderate
CVE-2026-25500
was published
for
rack
(RubyGems)
Feb 17, 2026
Rack has a Possible Information Disclosure Vulnerability
Moderate
CVE-2025-61780
was published
for
rack
(RubyGems)
Oct 10, 2025
Rack session gets restored after deletion
Moderate
CVE-2025-46336
was published
for
rack-session
(RubyGems)
May 8, 2025
Rack session gets restored after deletion
Moderate
CVE-2025-32441
was published
for
rack
(RubyGems)
May 8, 2025
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Moderate
CVE-2025-27111
was published
for
rack
(RubyGems)
Mar 4, 2025
Possible Log Injection in Rack::CommonLogger
Moderate
CVE-2025-25184
was published
for
rack
(RubyGems)
Feb 12, 2025
ProTip!
Advisories are also available from the
GraphQL API