Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,980
Maven
5,000+
npm
4,634
NuGet
788
pip
4,321
Pub
12
RubyGems
986
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
Rack has a Directory Traversal via Rack:Directory High
CVE-2026-22860 was published for rack (RubyGems) Feb 17, 2026
Masamuneee jeremyevans
ioquatix
Credited to Masamuneee, jeremyevans, and ioquatix
Argo Workflows affected by stored XSS in the artifact directory listing High
CVE-2026-23960 was published for github.com/argoproj/argo-workflows (Go) Jan 21, 2026
Masamuneee
Credited to Masamuneee
net-imap rubygem vulnerable to possible DoS by memory exhaustion Moderate
CVE-2025-43857 was published for net-imap (RubyGems) Apr 28, 2025
Masamuneee nevans
Credited to Masamuneee and nevans
Local File Inclusion in Rack::Static High
CVE-2025-27610 was published for rack (RubyGems) Mar 10, 2025
Masamuneee jeremyevans
ioquatix
Credited to Masamuneee, jeremyevans, and ioquatix
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection Moderate
CVE-2025-27111 was published for rack (RubyGems) Mar 4, 2025
Masamuneee ioquatix
jeremyevans
Credited to Masamuneee, ioquatix, and jeremyevans
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database