Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,323
Maven
5,000+
npm
5,000+
NuGet
880
pip
4,533
Pub
12
RubyGems
1,010
Rust
1,201
Swift
51
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote... Moderate Unreviewed
CVE-2026-20122 was published Feb 25, 2026
Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access Moderate
CVE-2026-22922 was published for apache-airflow (pip) Feb 9, 2026
saivarun3407 Credited to saivarun3407 and tei-dunamu tei-dunamu tei-dunamu
When processing API requests, the Alteryx server 2022.1.1.42654 and 2024.1 used MongoDB object... Moderate Unreviewed
CVE-2025-63291 was published Nov 14, 2025
An authenticated, read-only user can kill any processes running on the Xormon Original virtual... Moderate Unreviewed
CVE-2025-54767 was published Jul 29, 2025
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54766 was published Jul 29, 2025
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54768 was published Jul 29, 2025
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54765 was published Jul 29, 2025
In affected versions of Octopus Deploy where customers are using Active Directory for... Moderate Unreviewed
CVE-2025-0589 was published Feb 11, 2025
Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query... Moderate Unreviewed
CVE-2024-53007 was published Jan 31, 2025
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20136 was published Jun 28, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine could... Moderate Unreviewed
CVE-2022-20965 was published Jan 20, 2023
usememos/memos Incorrect Use of Privileged APIs vulnerability Moderate
CVE-2022-4805 was published for github.com/usememos/memos (Go) Dec 28, 2022
Specially crafted API calls may allow an authenticated user who holds Organization Owner... Moderate Unreviewed
CVE-2020-7927 was published May 24, 2022
Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx Moderate
CVE-2022-24821 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Apr 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database