Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
CoreDNS Loop Detection Denial of Service Vulnerability High
CVE-2026-26018 was published for github.com/coredns/coredns (Go) Mar 6, 2026
YOUNEVSKY Credited to YOUNEVSKY
Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl Moderate
CVE-2025-62710 was published for org.sakaiproject.kernel:sakai-kernel-impl (Maven) Oct 22, 2025
A predictable seed in pseudo-random number generator vulnerability has been discovered in... High Unreviewed
CVE-2025-55069 was published Sep 24, 2025
Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX... Low Unreviewed
CVE-2025-20613 was published Aug 12, 2025
Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The... High Unreviewed
CVE-2025-7770 was published Aug 6, 2025
JUJU_CONTEXT_ID is a predictable authentication secret Moderate
CVE-2024-7558 was published for github.com/juju/juju (Go) Oct 3, 2024
hpidcock Credited to hpidcock and lucistanescu lucistanescu lucistanescu
Duplicate Advisory: Juju makes Use of Weak Credentials High
GHSA-phh4-3hmm-24rx was published for github.com/juju/juju (Go) Oct 2, 2024 withdrawn
cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code Low
CVE-2024-22194 was published for case-utils (pip) Jan 11, 2024
ajnelson-nist Credited to ajnelson-nist and kchason kchason kchason
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric... Critical Unreviewed
CVE-2022-40267 was published Jan 20, 2023
A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This... Moderate Unreviewed
CVE-2016-15006 was published Jan 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database