Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

12 advisories

Loading
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via... Moderate Unreviewed
CVE-2023-2886 was published May 25, 2023
A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected... Critical Unreviewed
CVE-2014-125071 was published Jan 9, 2023
CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The... Moderate Unreviewed
CVE-2023-32264 was published Mar 8, 2024
An issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site... Critical Unreviewed
CVE-2023-0957 was published Jul 6, 2023
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This... High Unreviewed
CVE-2023-2848 was published Sep 14, 2023
Vulnerability in Xiexe XSOverlay before build 647 allows non-local websites to send the malicious... Critical Unreviewed
CVE-2024-23168 was published Aug 15, 2024
Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not... High Unreviewed
CVE-2024-48849 was published Jan 29, 2025
Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer (RAID Agent component... Moderate Unreviewed
CVE-2024-8201 was published May 16, 2025
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking... Moderate Unreviewed
CVE-2025-36116 was published Jul 23, 2025
GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and... Moderate Unreviewed
CVE-2025-61987 was published Dec 12, 2025
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being... High Unreviewed
CVE-2024-1657 was published Apr 25, 2024
A missing origin validation in WebSockets vulnerability affects the GraphicalData web services... Moderate Unreviewed
CVE-2026-1692 was published Feb 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database