GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,671
Composer 5,012
Erlang 39
GitHub Actions 38
Go 2,655
Maven 6,111
npm 4,284
NuGet 760
pip 4,067
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,381

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

34 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-33026 was published Apr 15, 2025

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This... Moderate Unreviewed

CVE-2025-33027 was published Apr 15, 2025

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd... Moderate Unreviewed

CVE-2024-52976 was published May 1, 2025

A flaw was found in Yelp. The Gnome user help application allows the help document to execute... Moderate Unreviewed

CVE-2025-3155 was published Apr 3, 2025

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or -... Moderate Unreviewed

CVE-2025-54558 was published Jul 25, 2025

In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic... Moderate Unreviewed

CVE-2025-57729 was published Aug 20, 2025

Electron has ASAR Integrity Bypass via resource modification Moderate

CVE-2025-55305 was published for electron (npm) Sep 3, 2025

Credited to dariushoule

DNN allows loading unused themes on anonymous clients through query parameters Moderate

CVE-2025-59535 was published for DotNetNuke.Core (NuGet) Sep 22, 2025

Credited to 6TELOIV, bdukes, and valadas

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary... Moderate Unreviewed

CVE-2025-62186 was published Oct 7, 2025

Previous 12Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34 advisories