Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
48
Go
3,359
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,554
Pub
12
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does... Moderate Unreviewed
CVE-2026-25916 was published Feb 9, 2026
In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration... Moderate Unreviewed
CVE-2025-66432 was published Nov 30, 2025
Slack Nebula may accept arbitrary source IP addresses Moderate
CVE-2025-62820 was published for github.com/slackhq/nebula (Go) Oct 23, 2025
A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation... Moderate Unreviewed
CVE-2023-52718 was published Dec 28, 2024
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system... Moderate Unreviewed
CVE-2023-0317 was published Apr 19, 2023
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated Moderate
CVE-2023-28842 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere Credited to corhere, neersighted, cpuguy83, tianon, quadespresso, laurazard, and akerouanton neersighted neersighted
cpuguy83 cpuguy83 tianon tianon quadespresso quadespresso laurazard laurazard akerouanton akerouanton
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database