GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
61 advisories
OliveTin's email argument makes compliance harder, enables log injection
Moderate
GHSA-xx6g-43w2-9g6g
was published
for
github.com/OliveTin/OliveTin
(Go)
Mar 12, 2026
Keycloak logs sensitive headers
Moderate
CVE-2025-11537
was published
for
org.keycloak:keycloak-quarkus-server
(Maven)
Feb 10, 2026
go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Moderate
CVE-2025-11065
was published
for
github.com/go-viper/mapstructure/v2
(Go)
Aug 21, 2025
MS SWIFT WEB-UI RCE Vulnerability
Moderate
CVE-2025-41419
was published
for
ms-swift
(pip)
Jul 31, 2025
Apache Struts Extras Before 2 has an Improper Output Neutralization for Logs Vulnerability
Moderate
CVE-2025-54656
was published
for
org.apache.struts:struts-extras
(Maven)
Jul 30, 2025
Envoy Gateway Log Injection Vulnerability
Moderate
CVE-2025-25294
was published
for
github.com/envoyproxy/gateway
(Go)
Mar 6, 2025
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Moderate
CVE-2025-27111
was published
for
rack
(RubyGems)
Mar 4, 2025
ProTip!
Advisories are also available from the
GraphQL API