Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,894
Maven
5,000+
npm
5,000+
NuGet
963
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,373
Swift
54
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
ldap3_proto has LDAP Filter stack exhaustion High
GHSA-qcxq-75wr-5cm8 was published for ldap3_proto (Rust) May 6, 2026
mbarbero Credited to mbarbero
kanidmd_lib: Image upload validators run before authorization; PNG validator panics on malformed input Moderate
GHSA-84jc-3hj2-hwc7 was published for kanidmd_lib (Rust) May 6, 2026
mbarbero Credited to mbarbero
scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion High
CVE-2026-46689 was published for kanidm_proto (Rust) May 6, 2026
mbarbero Credited to mbarbero
Kanidm has non-constant-time comparison of OAuth2 client_secret Low
GHSA-53hj-r94p-8c8f was published for kanidm (Rust) May 6, 2026
mbarbero Credited to mbarbero
Kanidm: Stored HTML injection in "passkey-enrolment" partial via displayname → htmx-driven authenticated request forgery Moderate
GHSA-gpxg-fx2g-qxj2 was published for kanidm (Rust) May 6, 2026
mbarbero Credited to mbarbero
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database