Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation Critical
CVE-2026-4599 was published for jsrsasign (npm) Mar 23, 2026
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware... Moderate Unreviewed
CVE-2025-62000 was published Dec 18, 2025
Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-55333 was published Oct 14, 2025
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation Moderate
CVE-2025-46722 was published for vllm (pip) May 28, 2025
kexinoh Credited to kexinoh, DarkLight1337, and russellb DarkLight1337 DarkLight1337
russellb russellb
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17... Low Unreviewed
CVE-2024-5528 was published Feb 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database