Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding) High
CVE-2026-25726 was published for github.com/cloudreve/Cloudreve/v4 (Go) Mar 31, 2026
orenyomtov Credited to orenyomtov
Fiber has an insecure fallback in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure Critical
CVE-2025-66630 was published for github.com/gofiber/fiber/v2 (Go) Feb 9, 2026
sixcolors Credited to sixcolors
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values Critical
CVE-2025-66565 was published for github.com/gofiber/utils (Go) Dec 8, 2025
sixcolors Credited to sixcolors
Withdrawn Advisory: go-mysql affected by go.uuid's Predictable UUID Identifiers Critical
GHSA-rc7v-65v6-m2v3 was published for github.com/go-mysql-org/go-mysql (Go) Oct 28, 2024 withdrawn
Fidget-Grep Credited to Fidget-Grep
go.uuid has Predictable UUID Identifiers Critical
CVE-2021-3538 was published for github.com/satori/go.uuid (Go) Feb 7, 2023
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone High
CVE-2020-28924 was published for github.com/rclone/rclone (Go) Jun 10, 2021
miekg/dns insecurely generates random numbers Moderate
CVE-2019-19794 was published for github.com/miekg/dns (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database