Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,193
Erlang
25
GitHub Actions
39
Go
2,385
Maven
3,027
npm
3,078
NuGet
529
pip
2,897
Pub
5
RubyGems
442
Rust
905
Swift
20
Unreviewed advisories
All unreviewed
5,000+

23 advisories

Loading
XiangShan (Open-source high-performance RISC-V processor) commit... High Unreviewed
CVE-2026-29643 was published Apr 21, 2026
rPGP vulnerable to parser crash on crafted RSA secret key packets through CVE-2026-21895 High
GHSA-7587-4wv6-m68m was published for pgp (Rust) Feb 13, 2026
invd Credited to invd
Emmett-Core: Unhandled CookieError Exception Causing Denial of Service High
CVE-2026-25577 was published for emmett-core (pip) Feb 10, 2026
Ryu-GeonWoo Credited to Ryu-GeonWoo
chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass... High Unreviewed
CVE-2025-70758 was published Feb 3, 2026
Decidim's private data exports can lead to data leaks High
CVE-2025-65017 was published for decidim (RubyGems) Feb 3, 2026
ahukkanen Credited to ahukkanen
CometBFT has inconsistencies between how commit signatures are verified and how block time is derived High
GHSA-c32p-wcqj-j677 was published for github.com/cometbft/cometbft (Go) Jan 23, 2026
Nodemailer’s addressparser is vulnerable to DoS caused by recursive calls High
CVE-2025-14874 was published for nodemailer (npm) Dec 1, 2025
uko3211 Credited to uko3211
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability... High Unreviewed
CVE-2025-13016 was published Nov 11, 2025
Under undisclosed traffic conditions along with conditions beyond the attacker's control,... High Unreviewed
CVE-2025-58153 was published Oct 15, 2025
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service High
CVE-2025-54134 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
asareynolds Credited to asareynolds
In wlan, there is a possible denial of service due to incorrect error handling. This could lead... High Unreviewed
CVE-2024-20089 was published Sep 2, 2024
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2024-6468 was published for github.com/hashicorp/vault (Go) Jul 11, 2024
westonsteimel Credited to westonsteimel
An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol... High Unreviewed
CVE-2024-39514 was published Jul 11, 2024
node-twain vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2024-21525 was published for node-twain (npm) Jul 10, 2024
The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS... High Unreviewed
CVE-2024-27832 was published Jun 10, 2024
Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2023-45812 was published for apollo-router (Rust) Oct 19, 2023
garypen Credited to garypen, BrynCooke, BryanBarron, jasonbarnett667, and shorgi BrynCooke BrynCooke
BryanBarron BryanBarron jasonbarnett667 jasonbarnett667 shorgi shorgi
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0204 was published Apr 22, 2023
An Improper Check or Handling of Exceptional Conditions within the storm control feature of... High Unreviewed
CVE-2023-28965 was published Apr 18, 2023
The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling... High Unreviewed
CVE-2022-41589 was published Oct 14, 2022
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker... High Unreviewed
CVE-2021-25380 was published May 24, 2022
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds... High Unreviewed
CVE-2021-25372 was published May 24, 2022
Unhandled case in node-lmdb High
CVE-2022-21164 was published for node-lmdb (npm) Mar 17, 2022
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022... High Unreviewed
CVE-2022-22265 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database