Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

158,245 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob... Moderate Unreviewed
CVE-2026-43287 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2... Moderate Unreviewed
CVE-2026-43310 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647:... Moderate Unreviewed
CVE-2026-43312 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to... Moderate Unreviewed
CVE-2026-43314 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on... Moderate Unreviewed
CVE-2026-43317 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL... Moderate Unreviewed
CVE-2026-43313 was published May 8, 2026
arnika is affected by medium-severity issues in UDP rotation, PQC handling, and KMS TLS Moderate
GHSA-rc6v-5rmx-w5mv was published for github.com/arnika-project/arnika (Go) May 15, 2026
dpolzoni Credited to dpolzoni and nean-and-i nean-and-i nean-and-i
rkyv: Panic safety bugs in `InlineVec::clear` and `SerVec::clear` enable arbitrary code execution Moderate
GHSA-vfvv-c25p-m7mm was published for rkyv (Rust) May 15, 2026
Better Auth: OAuth callback accepts mismatched `state` when cookie-backed state storage is used without PKCE Moderate
GHSA-wxw3-q3m9-c3jr was published for better-auth (npm) May 15, 2026
Jvr2022 Credited to Jvr2022 and alavesa alavesa alavesa
Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL Moderate
CVE-2026-43826 was published for apache-airflow-providers-opensearch (pip) May 11, 2026
Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the host URL Moderate
CVE-2026-41018 was published for apache-airflow-providers-elasticsearch (pip) May 11, 2026
SimpleSAMLphp casserver: Open Redirect in logout Moderate
CVE-2025-65954 was published for simplesamlphp/simplesamlphp-module-casserver (Composer) May 15, 2026
pradtke Credited to pradtke
WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a... Moderate Unreviewed
CVE-2026-8612 was published May 15, 2026
Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a... Moderate Unreviewed
CVE-2026-8586 was published May 14, 2026
Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778... Moderate Unreviewed
CVE-2026-8576 was published May 14, 2026
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a... Moderate Unreviewed
CVE-2026-8562 was published May 14, 2026
Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim,... Moderate Unreviewed
CVE-2025-69443 was published May 14, 2026
In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx... Moderate Unreviewed
CVE-2026-43371 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix... Moderate Unreviewed
CVE-2026-43305 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort... Moderate Unreviewed
CVE-2026-43359 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak... Moderate Unreviewed
CVE-2026-43375 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix... Moderate Unreviewed
CVE-2026-43372 was published May 8, 2026
* Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently... Moderate Unreviewed
CVE-2025-14972 was published May 15, 2026
Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of... Moderate Unreviewed
CVE-2026-38740 was published May 14, 2026
Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168... Moderate Unreviewed
CVE-2026-8537 was published May 14, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database