GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,178 advisories
tiny-secp256k1 vulnerable to private key extraction when signing a malicious JSON-stringifyable message in bundled environment
High
CVE-2024-49364
was published
for
tiny-secp256k1
(npm)
Jun 30, 2025
Requests vulnerable to .netrc credentials leak via malicious URLs
Moderate
CVE-2024-47081
was published
for
requests
(pip)
Jun 9, 2025
Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS
Moderate
CVE-2025-32963
was published
for
github.com/minio/operator
(Go)
Apr 21, 2025
ProTip!
Advisories are also available from the
GraphQL API