GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 2,891
Erlang: 24
GitHub Actions: 39
Go: 2,240
Maven: 2,698
npm: 2,899
NuGet: 500
pip: 2,728
Pub: 5
RubyGems: 364
Rust: 889
Swift: 19

Unreviewed advisories
All unreviewed: 5,000+
16 advisories

Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on...
Low | Unreviewed | CVE-2023-5875 was published Nov 2, 2023

Mattermost Desktop App allows for bypassing TCC restrictions on macOS
Low | CVE-2024-36287 was published for mattermost-desktop (npm) Jun 14, 2024

Mattermost Desktop App fails to sufficiently configure Electron Fuses
Low | CVE-2024-45835 was published for mattermost-desktop (npm) Sep 16, 2024

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may...
Low | Unreviewed | CVE-2024-38660 was published Nov 13, 2024

@misskey-dev/summaly Redirect Filter Bypass
Low | CVE-2025-46553 was published for @misskey-dev/summaly (npm) May 5, 2025

Protection mechanism failure for some Edge Orchestrator software for Intel(R) Tiber™ Edge...
Low | Unreviewed | CVE-2025-21081 was published May 13, 2025

In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3...
Low | Unreviewed | CVE-2019-13535 was published May 24, 2022

Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points
Low | GHSA-phhq-63jg-fp7r was published for github.com/edgelesssys/contrast (Go) Jul 9, 2025

Protobuf Maven Plugin protocDigest is ignored when using protoc from PATH
Low | GHSA-j2pc-v64r-mv4f was published for io.github.ascopes:protobuf-maven-plugin (Maven) Nov 4, 2025

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low | Unreviewed | CVE-2024-20923 was published Feb 17, 2024

Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing
Low | CVE-2025-66479 was published for @anthropic-ai/sandbox-runtime (npm) Dec 4, 2025

Envoy forwards early CONNECT data in TCP proxy mode
Low | CVE-2025-64763 was published for github.com/envoyproxy/envoy (Go) Dec 5, 2025

Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on the Mattermost...
Low | Unreviewed | CVE-2025-13326 was published Dec 17, 2025

HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of...
Low | Unreviewed | CVE-2025-55249 was published Jan 19, 2026

OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode
Low | GHSA-8mf7-vv8w-hjr2 was published for openclaw (npm) Mar 3, 2026

@whyour/qinglong: manipulation of the argument command leads to protection mechanism failure
Low | CVE-2026-3965 was published for @whyour/qinglong (npm) Mar 12, 2026

ProTip! Advisories are also available from the GraphQL API