GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9 advisories
sm-crypto Affected by Signature Forgery in SM2-DSA
High
CVE-2026-23965
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Signature Malleability in SM2-DSA
High
CVE-2026-23967
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Private Key Recovery in SM2-PKE
Critical
CVE-2026-23966
was published
for
sm-crypto
(npm)
Jan 21, 2026
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
High
CVE-2026-22700
was published
for
sm2
(Rust)
Jan 13, 2026
SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
High
CVE-2026-22699
was published
for
sm2
(Rust)
Jan 9, 2026
SM2-PKE has 32-bit Biased Nonce Vulnerability
High
CVE-2026-22698
was published
for
sm2
(Rust)
Jan 9, 2026
Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
High
GHSA-j44m-5v8f-gc9c
was published
for
flowise
(npm)
Oct 10, 2025
Flowise is vulnerable to arbitrary file write through its WriteFileTool
Critical
CVE-2025-61913
was published
for
Flowise
(npm)
Oct 9, 2025
gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks
High
CVE-2025-57801
was published
for
github.com/consensys/gnark
(Go)
Aug 22, 2025
ProTip!
Advisories are also available from the
GraphQL API