Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
50
GitHub Actions
50
Go
3,718
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,943
Pub
13
RubyGems
1,055
Rust
1,338
Swift
54
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
binary-parser library has a code injection vulnerability Moderate
CVE-2026-1245 was published for binary-parser (npm) Jan 20, 2026
sei-vsarvepalli Credited to sei-vsarvepalli
node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization High
CVE-2025-12816 was published for node-forge (npm) Nov 26, 2025
wodzen Credited to wodzen and sei-vsarvepalli sei-vsarvepalli sei-vsarvepalli
expr-eval does not restrict functions passed to the evaluate function High
CVE-2025-12735 was published for expr-eval (npm) Nov 5, 2025
sei-vsarvepalli Credited to sei-vsarvepalli
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database