Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability.... High Unreviewed
CVE-2026-3559 was published Mar 16, 2026
HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret in the web... High Unreviewed
CVE-2025-59870 was published Jan 16, 2026
Cryptographic issue may occur while encrypting license data. High Unreviewed
CVE-2025-47345 was published Jan 7, 2026
Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets. High Unreviewed
CVE-2025-61739 was published Dec 22, 2025
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA... High Unreviewed
CVE-2022-24401 was published Oct 19, 2023
Inbound TCP Agent Protocol/3 authentication bypass in Jenkins High
CVE-2020-2099 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault Credited to NotMyFault
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the... High Unreviewed
CVE-2017-13082 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database