GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
14 advisories
JupyterLab LaTeX typesetter links did not enforce `noopener` attribute
Low | CVE-2025-59842 was published for jupyterlab (pip) | Sep 26, 2025
SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate...
Low | Unreviewed | CVE-2025-42941 was published | Aug 12, 2025
HFS user adding a "web link" in HFS is vulnerable to "target=_blank" exploit
Low | GHSA-xcxh-6cv4-q8p8 was published for hfs (npm) | Aug 12, 2025
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0...
Moderate | Unreviewed | CVE-2025-33014 was published | Jul 18, 2025
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link...
Moderate | Unreviewed | CVE-2024-39727 was published | Dec 25, 2024
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as...
Low | Unreviewed | CVE-2018-25089 was published | Aug 28, 2023
A vulnerability was found in ualbertalib NEOSDiscovery 1.0.70 and classified as problematic. This...
Moderate | Unreviewed | CVE-2022-4927 was published | Mar 5, 2023
Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener Access
Moderate | CVE-2018-25058 was published for twitter-fetcher-js (npm) | Dec 29, 2022
text_helpers uses web link to untrusted target with window.opener access
Moderate | CVE-2020-36624 was published for text_helpers (RubyGems) | Dec 22, 2022
The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on...
Moderate | Unreviewed | CVE-2022-2600 was published | Aug 23, 2022
The External Links in New Window / New Tab WordPress plugin before 1.43 does not ensure window...
Moderate | Unreviewed | CVE-2022-1583 was published | May 31, 2022
Reverse Tabnapping in swagger-ui
Moderate | GHSA-x9p2-fxq6-2m5f was published for swagger-ui (npm) | Jun 20, 2019