Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Orval has Code Injection via unsanitized x-enum-descriptions using JS comments Critical
CVE-2026-25141 was published for @orval/core (npm) Jan 30, 2026
progfay Credited to progfay and k14uz k14uz k14uz
MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server High
CVE-2025-58444 was published for @modelcontextprotocol/inspector (npm) Sep 8, 2025
cai0duque Credited to cai0duque
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross... Moderate Unreviewed
CVE-2024-52890 was published Aug 5, 2025
An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows... Moderate Unreviewed
CVE-2025-25325 was published Feb 27, 2025
An issue in Boohee Technology Boohee Health iOS 13.0.13 allows attackers to access sensitive user... Moderate Unreviewed
CVE-2025-25330 was published Feb 27, 2025
An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0... Moderate Unreviewed
CVE-2025-25326 was published Feb 27, 2025
An issue in Suning Commerce Group Suning EMall iOS 9.5.198 allows attackers to access sensitive... Moderate Unreviewed
CVE-2025-25334 was published Feb 27, 2025
An issue in Beitatong Technology LianJia iOS 9.83.50 allows attackers to access sensitive user... Moderate Unreviewed
CVE-2025-25331 was published Feb 27, 2025
An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows... Moderate Unreviewed
CVE-2025-25329 was published Feb 27, 2025
An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows... Moderate Unreviewed
CVE-2025-25323 was published Feb 27, 2025
An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access... Moderate Unreviewed
CVE-2025-25324 was published Feb 27, 2025
BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could... Low Unreviewed
CVE-2024-42184 was published Jan 23, 2025
In Apollo change requests, comments added by users could contain a javascript URI link that when... Moderate Unreviewed
CVE-2023-30959 was published Sep 27, 2023
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo... High Unreviewed
CVE-2022-40181 was published Oct 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database