Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

277 advisories

Loading
OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the... Critical Unreviewed
CVE-2026-32865 was published Mar 19, 2026
Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist` Critical
CVE-2026-32633 was published for Glances (pip) Mar 16, 2026
restriction Credited to restriction
SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service Critical
CVE-2026-32938 was published for github.com/siyuan-note/siyuan/kernel (Go) Mar 17, 2026
TCOTC Credited to TCOTC, YuxinZhaozyx, and 88250 YuxinZhaozyx YuxinZhaozyx
88250 88250
HAPI FHIR HTTP authentication leak in redirects Critical
CVE-2026-33180 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Mar 18, 2026
ElliotSilver Credited to ElliotSilver
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended... Critical Unreviewed
CVE-2010-2783 was published Apr 21, 2022
** UNSUPPORTED WHEN ASSIGNED ** Exposure of Sensitive Information to an Unauthorized Actor... Critical Unreviewed
CVE-2024-27905 was published Feb 27, 2024
SiYuan Vulnerable to Path Traversal in /export Endpoint Allows Arbitrary File Read and Secret Leakage Critical
CVE-2026-30869 was published for github.com/siyuan-note/siyuan/kernel (Go) Mar 7, 2026
Zwique Credited to Zwique
Rancher doesn't properly sanitize credentials in cluster template answers Critical
CVE-2021-36783 was published for github.com/rancher/rancher (Go) Mar 3, 2026
Access control settings for forum post custom fields are not applied to the JSON output type,... Critical Unreviewed
CVE-2026-21626 was published Feb 6, 2026
Known affected by Account Takeover via Password Reset Token Leakage Critical
CVE-2026-26273 was published for idno/known (Composer) Feb 13, 2026
IamLeandrooooo Credited to IamLeandrooooo
Argo CD's Project API Token Exposes Repository Credentials Critical
CVE-2025-55190 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 4, 2025
ntammineni5 Credited to ntammineni5, 34fathombelow, alexmt, todaywasawesome, jannfis, crenshaw-dev, and svghadi 34fathombelow 34fathombelow
alexmt alexmt todaywasawesome todaywasawesome jannfis jannfis crenshaw-dev crenshaw-dev svghadi svghadi
The Agentspace service was affected by a vulnerability that exposed sensitive information due to... Critical Unreviewed
CVE-2026-1727 was published Feb 7, 2026
The vulnerability exists in BLUVOYIX due to an improper password storage implementation and... Critical Unreviewed
CVE-2026-22240 was published Jan 14, 2026
The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation.... Critical Unreviewed
CVE-2026-22237 was published Jan 14, 2026
A vulnerability has been identified in the ServiceNow AI Platform that could enable an... Critical Unreviewed
CVE-2025-12420 was published Jan 13, 2026
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an... Critical Unreviewed
CVE-2026-0905 was published Jan 20, 2026
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet... Critical Unreviewed
CVE-2025-47855 was published Jan 13, 2026
This vulnerability allows a Backup or Tape Operator to write files as root. Critical Unreviewed
CVE-2025-59469 was published Jan 8, 2026
The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive... Critical Unreviewed
CVE-2025-11693 was published Dec 13, 2025
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can... Critical Unreviewed
CVE-2025-65820 was published Dec 10, 2025
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are... Critical Unreviewed
CVE-2025-54304 was published Dec 4, 2025
An exposure of sensitive information vulnerability has been reported to affect Media Streaming... Critical Unreviewed
CVE-2023-47222 was published Apr 26, 2024
An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers... Critical Unreviewed
CVE-2025-63729 was published Nov 25, 2025
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (... Critical Unreviewed
CVE-2025-63958 was published Nov 24, 2025
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR... Critical Unreviewed
CVE-2017-20210 was published Nov 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database