GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,112
Composer 5,317
Erlang 42
GitHub Actions 43
Go 3,153
Maven 6,299
npm 5,105
NuGet 861
pip 4,451
Pub 12
RubyGems 991
Rust 1,179
Swift 50

Unreviewed advisories

All unreviewed 293,208

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex)... High Unreviewed

CVE-2025-10990 was published Feb 27, 2026

Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in... Moderate Unreviewed

CVE-2026-26936 was published Feb 26, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18... High Unreviewed

CVE-2026-1388 was published Feb 25, 2026

LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ... High Unreviewed

CVE-2024-58340 was published Jan 13, 2026

Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki -... Moderate Unreviewed

CVE-2026-0668 was published Jan 7, 2026

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10... High Unreviewed

CVE-2025-62484 was published Nov 13, 2025

Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability... Moderate Unreviewed

CVE-2025-5342 was published Oct 30, 2025

A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter... Moderate Unreviewed

CVE-2025-4690 was published Aug 19, 2025

IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of... High Unreviewed

CVE-2025-33090 was published Aug 18, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1... Moderate Unreviewed

CVE-2025-2937 was published Aug 13, 2025

A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This... Moderate Unreviewed

CVE-2025-7074 was published Jul 5, 2025

Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a... Moderate Unreviewed

CVE-2025-43880 was published Jun 25, 2025

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed

CVE-2024-4025 was published Jun 20, 2025

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain... Moderate Unreviewed

CVE-2025-6069 was published Jun 17, 2025

A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects... Moderate Unreviewed

CVE-2025-5895 was published Jun 9, 2025

A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1.... Moderate Unreviewed

CVE-2025-5892 was published Jun 9, 2025

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as... Low Unreviewed

CVE-2025-4215 was published May 2, 2025

The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker... High Unreviewed

CVE-2024-13926 was published Apr 19, 2025

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin... Moderate Unreviewed

CVE-2024-13896 was published Apr 10, 2025

Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport... High Unreviewed

CVE-2023-0881 was published Mar 31, 2025

A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version... High Unreviewed

CVE-2024-8998 was published Mar 20, 2025

A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute... High Unreviewed

CVE-2024-8764 was published Mar 20, 2025

Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service ... High Unreviewed

CVE-2024-8789 was published Mar 20, 2025

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary... High Unreviewed

CVE-2024-8763 was published Mar 20, 2025

A vulnerability in danswer-ai/danswer version 1 allows an attacker to perform a Regular... High Unreviewed

CVE-2024-7779 was published Mar 20, 2025

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

92 advisories