GHSA-92vj-g62v-jqhh: Hono has Body Limit Middleware Bypass

GHSA-q7pg-9pr4-mrp2: httpsig-rs: HMAC verification is vulnerable to timing attack

GHSA-wgpv-6j63-x5ph: Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover

GHSA-vcqx-v2mg-7chx:  Neo4j Cypher MCP server is vulnerable to DNS rebinding 

GHSA-7vm2-j586-vcvc: SurrealDB is Vulnerable to Unauthorized Data Exposure via LIVE Query Subscriptions

All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.

**Command Injection in create-choo-electron**

High severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 27, 2023

Headline

GHSA-j8wr-fwf2-vvr9: Command Injection in create-choo-electron

ghsa: Latest News