GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
id: pretty-print uses effective GID instead of effective UID for name lookup
Low
CVE-2026-35371
was published
for
uu_id
(Rust)
Jul 6, 2026
Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote...
Low
Unreviewed
CVE-2026-13982
was published
Jul 1, 2026
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an...
Low
Unreviewed
CVE-2026-13948
was published
Jul 1, 2026
Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47...
Low
Unreviewed
CVE-2026-13945
was published
Jul 1, 2026
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a...
Low
Unreviewed
CVE-2026-12458
was published
Jun 17, 2026
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but...
Low
Unreviewed
CVE-2026-48851
was published
May 26, 2026
Duplicate Advisory: uutils coreutils's User Interface (UI) Misrepresents Critical Information
Low
GHSA-53gr-wmf4-8hh3
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an...
Low
Unreviewed
CVE-2026-20732
was published
Feb 4, 2026
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Unreviewed
CVE-2025-65046
was published
Dec 19, 2025
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app...
Low
Unreviewed
CVE-2025-14019
was published
Dec 15, 2025
LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the...
Low
Unreviewed
CVE-2025-14023
was published
Dec 15, 2025
Drupal core allows Content Spoofing
Low
CVE-2025-13082
was published
for
drupal/core
(Composer)
Nov 18, 2025
Withdrawn Advisory: JHipster allows privilege escalation via a modified authorities parameter
Low
CVE-2025-43712
was published
for
generator-jhipster
(npm)
Jul 25, 2025
•
withdrawn
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7...
Low
Unreviewed
CVE-2024-9163
was published
May 23, 2025
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
Low
Unreviewed
CVE-2025-46394
was published
Apr 23, 2025
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11...
Low
Unreviewed
CVE-2024-6595
was published
Jul 17, 2024
WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 2 of 5).
Low
Unreviewed
CVE-2022-38163
was published
Nov 7, 2022
ProTip!
Advisories are also available from the
GraphQL API