Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
The X25519 x86_64 assembly implementation fails to clear the most significant bit during the... Low Unreviewed
CVE-2026-10512 was published Jun 25, 2026
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in... Low Unreviewed
CVE-2026-44074 was published May 21, 2026
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper... Low Unreviewed
CVE-2026-7836 was published May 21, 2026
CIRCL has an incorrect calculation in secp384r1 CombinedMult Low
CVE-2026-1229 was published for github.com/cloudflare/circl (Go) Feb 25, 2026
guidovranken Credited to guidovranken
Vercel’s AI SDK's filetype whitelists can be bypassed when uploading files Low
CVE-2025-48985 was published for ai (npm) Nov 7, 2025
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method Low
CVE-2025-59047 was published for matrix-sdk-base (Rust) Sep 11, 2025
poljar Credited to poljar
Vyper's sqrt doesn't define rounding behavior Low
CVE-2025-26622 was published for vyper (pip) Feb 21, 2025
evmos allows transferring unvested tokens after delegations Low
CVE-2024-32873 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
Incorrect TCR calculation in batchLiquidateTroves() during Recovery Mode Low
GHSA-xh2p-7p87-fhgh was published for @liquity/contracts (npm) Aug 5, 2021
Incorrect Calculation in bigint-money Low
GHSA-9r3m-mhfm-39cm was published for bigint-money (npm) Sep 11, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database