The goal of this project is to provide additional features on top of the existing npm audit options
-
Updated
Jan 21, 2026 - TypeScript
The goal of this project is to provide additional features on top of the existing npm audit options
EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!
A collection of packages for using security advisories from osv.dev in Node.js.
23-tool MCP server for CVE & vulnerability intelligence. NVD, EPSS, CISA KEV, GitHub Advisory, OSV — unified in one server. Risk scoring, bulk triage, exploit search. 2 dependencies, runs with npx.
Public Codespaces runner for verified CVE/GHSA vulnerability reproductions
Self-hosted Grafana dashboard for GitHub Security Advisories. Postgres-backed, mirrors the GitHub API 1:1.
Security Knowledge Graph Triples
A practical, consult-as-you-go guide for open source maintainers handling GitHub security advisories. Triage, private forks, CVEs, publication, and the gotchas nobody warns you about.
A lightweight shell script that scans node / bun / deno projects to detect vulnerable npm packages using OSV and GHSA vulnerabilities database or custom source formats (JSON / CSV / PURL / SBOM / SARIF / TRIVY)
Broken Object Level Authorization (BOLA) enables cross-user document viewing, modification, and unauthorized deletion via direct object reference.
Broken Object Level Authorization (BOLA) combined with credentialed CORS misconfiguration enables cross-user, cross-origin authenticated document exfiltration.
CLI tool that scans pnpm overrides and determines whether CVE-related overrides can be safely removed by running pnpm audit
Shell script to detect TanStack npm supply chain attack indicators (CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx)
AI 驱动的漏洞情报平台 · GHSA 爬取 · LLM 深度分析 · 每日简报 · OSS 推送
Independent AI/LLM security research — 10 shipped fixes, 5 GHSA advisories; focus on multi-tenant isolation, MCP protocol attack surface, SSRF/cookie boundary leakage
CVE-2026-50181 / GHSA-fg23-3346-88f5: Langroid path traversal advisory landing page
CVE-2026-50131 / GHSA-xw9q-2mv6-9fr8: Fedify incomplete SSRF mitigation advisory landing page
CVE-2026-54520 / GHSA-cm8g-8jfq-887p: ai-agent-automation workflow path traversal advisory landing page
CVE-2026-54519 / GHSA-qv97-83w4-ff86: ai-agent-automation memory authorization advisory landing page
Add a description, image, and links to the ghsa topic page so that developers can more easily learn about it.
To associate your repository with the ghsa topic, visit your repo's landing page and select "manage topics."