GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
NiceGUI has a path traversal in app.add_media_files() allows arbitrary file read
High
CVE-2025-66645
was published
for
nicegui
(pip)
Dec 9, 2025
NiceGUI Stored/Reflected XSS in ui.interactive_image via unsanitized SVG content
Moderate
CVE-2025-66470
was published
for
nicegui
(pip)
Dec 8, 2025
NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection
Moderate
CVE-2025-66469
was published
for
nicegui
(pip)
Dec 8, 2025
ProTip!
Advisories are also available from the
GraphQL API