GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
OpenList has Insecure TLS Default Configuration
High
CVE-2026-25060
was published
for
github.com/OpenListTeam/OpenList/v4
(Go)
Feb 2, 2026
OpenList vulnerable to Path Traversal in file copy and remove handlers
High
CVE-2026-25059
was published
for
github.com/OpenListTeam/OpenList/v4
(Go)
Feb 2, 2026
sm-crypto Affected by Signature Forgery in SM2-DSA
High
CVE-2026-23965
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Signature Malleability in SM2-DSA
High
CVE-2026-23967
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Private Key Recovery in SM2-PKE
Critical
CVE-2026-23966
was published
for
sm-crypto
(npm)
Jan 21, 2026
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
High
CVE-2026-22700
was published
for
sm2
(Rust)
Jan 13, 2026
SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
High
CVE-2026-22699
was published
for
sm2
(Rust)
Jan 9, 2026
SM2-PKE has 32-bit Biased Nonce Vulnerability
High
CVE-2026-22698
was published
for
sm2
(Rust)
Jan 9, 2026
Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
High
GHSA-j44m-5v8f-gc9c
was published
for
flowise
(npm)
Oct 10, 2025
Flowise is vulnerable to arbitrary file write through its WriteFileTool
Critical
CVE-2025-61913
was published
for
Flowise
(npm)
Oct 9, 2025
ProTip!
Advisories are also available from the
GraphQL API