Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to... High Unreviewed
CVE-2026-26129 was published May 8, 2026
Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability Low
CVE-2026-32178 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Apr 14, 2026
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based... Moderate Unreviewed
CVE-2026-20009 was published Mar 4, 2026
tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript Moderate
CVE-2025-48939 was published for tarteaucitronjs (npm) Jul 3, 2025
Rudloff Credited to Rudloff
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38133 was published Aug 13, 2024
Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62... High Unreviewed
CVE-2023-7012 was published Jul 17, 2024
Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-42117 was published May 3, 2024
An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5,... Moderate Unreviewed
CVE-2023-1279 was published Sep 1, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing... Moderate Unreviewed
CVE-2023-4522 was published Aug 30, 2023
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0... Moderate Unreviewed
CVE-2023-22288 was published Mar 20, 2023
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and... High Unreviewed
CVE-2022-3026 was published Sep 7, 2022
The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV... High Unreviewed
CVE-2022-2429 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database