GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
352 advisories
xygeni-action v5 tag poisoned with C2 backdoor
Critical
CVE-2026-31976
was published
for
xygeni/xygeni-action
(GitHub Actions)
Mar 11, 2026
Malicious versions of Nx were published
Critical
CVE-2025-10894
was published
for
@nx/devkit
(npm)
Aug 27, 2025
Malicious Package in beffer-xor
Critical
GHSA-7cvf-p83w-48q6
was published
for
beffer-xor
(npm)
Sep 3, 2020
Malicious Package in another-date-picker
Critical
GHSA-2p62-c4rm-mr72
was published
for
another-date-picker
(npm)
Sep 1, 2020
Malicious Package in eslint-scope
Critical
GHSA-hxxf-q3w9-4xgw
was published
for
eslint-config-eslint
(npm)
Jul 12, 2018
ProTip!
Advisories are also available from the
GraphQL API