GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
86 advisories
OliveTin's email argument makes compliance harder, enables log injection
Moderate
GHSA-xx6g-43w2-9g6g
was published
for
github.com/OliveTin/OliveTin
(Go)
Mar 12, 2026
OpenClaw log poisoning (indirect prompt injection) via WebSocket headers
Low
GHSA-g27f-9qjv-22pm
was published
for
openclaw
(npm)
Feb 17, 2026
Keycloak logs sensitive headers
Moderate
CVE-2025-11537
was published
for
org.keycloak:keycloak-quarkus-server
(Maven)
Feb 10, 2026
go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Moderate
CVE-2025-11065
was published
for
github.com/go-viper/mapstructure/v2
(Go)
Aug 21, 2025
Litestar has potential log injection in exception logging
Low
GHSA-674p-xv2x-rf3g
was published
for
litestar
(pip)
Aug 11, 2025
MS SWIFT WEB-UI RCE Vulnerability
Moderate
CVE-2025-41419
was published
for
ms-swift
(pip)
Jul 31, 2025
Apache Struts Extras Before 2 has an Improper Output Neutralization for Logs Vulnerability
Moderate
CVE-2025-54656
was published
for
org.apache.struts:struts-extras
(Maven)
Jul 30, 2025
ProTip!
Advisories are also available from the
GraphQL API