Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,175
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
russh server userauth state is not reset when authentication principal changes Moderate
CVE-2026-46705 was published for russh (Rust) May 29, 2026
mjc Credited to mjc
RustFS has a gRPC Hardcoded Token Authentication Bypass Critical
CVE-2025-68926 was published for rustfs (Rust) Dec 30, 2025
sudo-rs doesn't record authenticating user properly in timestamp Moderate
CVE-2025-64517 was published for sudo-rs (Rust) Nov 13, 2025
Pingasmaster Credited to Pingasmaster, bjorn3, and squell bjorn3 bjorn3
squell squell
s2n-tls's mTLS API ordering may skip client authentication Moderate
GHSA-857q-xmph-p2v5 was published for s2n-tls (Rust) Aug 9, 2024
matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check Moderate
CVE-2024-40648 was published for matrix-sdk-crypto (Rust) Jul 18, 2024
dkasak Credited to dkasak and poljar poljar poljar
SurrealDB vulnerable to Improper Authentication when Changing Databases as Scope User Moderate
GHSA-gh9f-6xm2-c4j2 was published for surrealdb (Rust) Jul 11, 2024
ericwhitefield Credited to ericwhitefield
matrix-sdk-crypto contains potential impersonation via room key forward responses Moderate
CVE-2022-39252 was published for matrix-sdk-crypto (Rust) Sep 30, 2022
michaelkedar Credited to michaelkedar
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database