Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
New API has Potential XSS in its MarkdownRenderer component High
CVE-2026-25802 was published for github.com/QuantumNous/new-api (Go) Feb 23, 2026
small-lovely-cat Credited to small-lovely-cat, TechnologyStar, t0ng7u, and Calcium-Ion TechnologyStar TechnologyStar
t0ng7u t0ng7u Calcium-Ion Calcium-Ion
New API has an SQL LIKE Wildcard Injection DoS via Token Search High
CVE-2026-25591 was published for github.com/QuantumNous/new-api (Go) Feb 23, 2026
xuemian168 Credited to xuemian168, callmeiks, and Calcium-Ion callmeiks callmeiks
Calcium-Ion Calcium-Ion
new-api is vulnerable to SSRF Bypass High
CVE-2025-62155 was published for github.com/QuantumNous/new-api (Go) Nov 24, 2025
h3rrr Credited to h3rrr and Calcium-Ion Calcium-Ion Calcium-Ion
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database