GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,217
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,443
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98 advisories
Filter by severity
In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate...
Critical
Unreviewed
CVE-2026-45388
was published
Jun 15, 2026
In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate...
Critical
Unreviewed
CVE-2026-45389
was published
Jun 15, 2026
A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer...
Critical
Unreviewed
CVE-2026-53475
was published
Jun 10, 2026
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation....
Critical
Unreviewed
CVE-2026-41872
was published
May 12, 2026
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex...
Critical
Unreviewed
CVE-2026-20184
was published
Apr 15, 2026
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA...
Critical
Unreviewed
CVE-2026-5194
was published
Apr 9, 2026
Improper certificate validation in the identity provider connection components in Amazon Athena...
Critical
Unreviewed
CVE-2026-35560
was published
Apr 3, 2026
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client...
Critical
Unreviewed
CVE-2026-30794
was published
Mar 5, 2026
Improper
enforcement of the Disable password saving in vaults setting in the
connection entry...
Critical
Unreviewed
CVE-2026-2590
was published
Mar 4, 2026
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To...
Critical
Unreviewed
CVE-2025-70043
was published
Feb 23, 2026
An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers...
Critical
Unreviewed
CVE-2025-65753
was published
Feb 17, 2026
The affected devices do not validate the server certificate when connecting to the SolaX Cloud...
Critical
Unreviewed
CVE-2025-15573
was published
Feb 12, 2026
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This...
Critical
Unreviewed
CVE-2025-67229
was published
Jan 23, 2026
An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client...
Critical
Unreviewed
CVE-2025-11043
was published
Jan 19, 2026
An issue in Automai BotManager v.25.2.0 allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2025-46070
was published
Jan 12, 2026
Due to a lack of certificate validation, all traffic from the mobile application can be...
Critical
Unreviewed
CVE-2025-65830
was published
Dec 10, 2025
A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), JT...
Critical
Unreviewed
CVE-2025-40801
was published
Dec 9, 2025
A vulnerability has been identified in COMOS V10.6 (All versions), COMOS V10.6 (All versions), NX...
Critical
Unreviewed
CVE-2025-40800
was published
Dec 9, 2025
Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate...
Critical
Unreviewed
CVE-2025-56231
was published
Nov 5, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and...
Critical
Unreviewed
CVE-2025-34235
was published
Sep 29, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and...
Critical
Unreviewed
CVE-2025-34199
was published
Sep 19, 2025
MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates:...
Critical
Unreviewed
CVE-2024-13990
was published
Sep 19, 2025
An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0...
Critical
Unreviewed
CVE-2025-55109
was published
Sep 16, 2025
A malicious client can bypass the client certificate trust check of an opc.https server when the...
Critical
Unreviewed
CVE-2025-7390
was published
Aug 21, 2025
A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and...
Critical
Unreviewed
CVE-2025-7395
was published
Jul 19, 2025
ProTip!
Advisories are also available from the
GraphQL API