Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information High
CVE-2022-35980 was published for org.opensearch.plugin:opensearch-security (Maven) Aug 12, 2022
OpenSearch has issue with fine-grained access control of indices backing data streams Moderate
CVE-2022-41918 was published for org.opensearch.plugin:opensearch-security (Maven) Mar 7, 2023
Improper Authorization of Index Containing Sensitive Information in GitHub repository alfio-event... High Unreviewed
CVE-2023-2260 was published Apr 24, 2023
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka... Moderate Unreviewed
CVE-2023-4560 was published Aug 28, 2023
Improper authorization of an index that contains sensitive information from a Global Files search... Moderate Unreviewed
CVE-2024-49071 was published Dec 12, 2024
Contao discloses sensitive information in the front end search index Moderate
CVE-2025-57756 was published for contao/contao (Composer) Aug 28, 2025
fritzmg Credited to fritzmg
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control... Moderate Unreviewed
CVE-2025-3660 was published Jan 4, 2026
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure... Moderate Unreviewed
CVE-2025-3654 was published Jan 4, 2026
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control... Moderate Unreviewed
CVE-2025-3653 was published Jan 4, 2026
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture... High Unreviewed
CVE-2019-25605 was published Mar 22, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database