Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
Python-Multipart has Arbitrary File Write via Non-Default Configuration High
CVE-2026-24486 was published for python-multipart (pip) Jan 26, 2026
mwlik Credited to mwlik, imenyoo2, and davidsilveiro imenyoo2 imenyoo2
davidsilveiro davidsilveiro
Salvo is vulnerable to reflected XSS in the list_html function High
CVE-2026-22256 was published for salvo (Rust) Jan 8, 2026
AhmedMokhtari Credited to AhmedMokhtari, mwlik, and imenyoo2 mwlik mwlik
imenyoo2 imenyoo2
Salvo is vulnerable to stored XSS in the list_html function by uploading files with malicious names High
CVE-2026-22257 was published for salvo (Rust) Jan 8, 2026
AhmedMokhtari Credited to AhmedMokhtari, imenyoo2, and mwlik imenyoo2 imenyoo2
mwlik mwlik
Hono's flaw in URL path parsing could cause path confusion High
CVE-2025-58362 was published for hono (npm) Sep 3, 2025
mwlik Credited to mwlik and imenyoo2 imenyoo2 imenyoo2
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database