GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12 advisories
SageMaker Python SDK has Insecure TLS Configuration
Severity: High. CVE-2026-1778 was published for sagemaker (pip) on Feb 2, 2026.
OpenList has Insecure TLS Default Configuration
Severity: High. CVE-2026-25060 was published for github.com/OpenListTeam/OpenList/v4 (Go) on Feb 2, 2026.
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate...
Severity: Moderate (Unreviewed). CVE-2025-63432 was published on Nov 24, 2025.
GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the...
Severity: Moderate (Unreviewed). CVE-2025-56232 was published on Nov 5, 2025.
Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the...
Severity: High (Unreviewed). CVE-2025-56230 was published on Nov 5, 2025.
Email Server Certificate Verification Disabled. This issue affects BLU-IC2: through 1.19.5; BLU...
Severity: Critical (Unreviewed). CVE-2025-12553 was published on Oct 31, 2025.
Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in...
Severity: Moderate (Unreviewed). CVE-2025-56146 was published on Sep 23, 2025.
cortex establishes TLS connections with `InsecureSkipVerify` set to `true`
Severity: High. CVE-2024-41265 was published for github.com/cortexproject/cortex (Go) on Aug 1, 2024.
Beego privilege escalation vulnerability
Severity: High. CVE-2024-40464 was published for github.com/beego/beego/v2 (Go) on Jul 31, 2024.
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest...
Severity: Moderate (Unreviewed). CVE-2024-36755 was published on Jun 27, 2024.
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to...
Severity: High (Unreviewed). CVE-2024-31872 was published on Apr 10, 2024.
HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack
Severity: High. CVE-2023-48052 was published for httpie (pip) on Nov 16, 2023.