GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
363 advisories
org.eclipse.jetty:jetty-http has different parsing of invalid URIs
Low
CVE-2025-11143
was published
for
org.eclipse.jetty:jetty-http
(Maven)
Mar 5, 2026
Keycloak Admin API allows an administrator with limited privileges to retrieve sensitive custom attributes
Low
CVE-2025-13881
was published
for
org.keycloak:keycloak-services
(Maven)
Feb 2, 2026
Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions
Low
CVE-2025-14082
was published
for
org.keycloak:keycloak-services
(Maven)
Dec 10, 2025
Rhino has high CPU usage and potential DoS when passing specific numbers to `toFixed()` function
Low
CVE-2025-66453
was published
for
org.mozilla:rhino
(Maven)
Dec 3, 2025
ProTip!
Advisories are also available from the
GraphQL API