Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
50
GitHub Actions
50
Go
3,706
Maven
5,000+
npm
5,000+
NuGet
934
pip
4,936
Pub
13
RubyGems
1,053
Rust
1,332
Swift
53
Unreviewed advisories
All unreviewed
5,000+

126 advisories

Loading
CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause ... Low Unreviewed
CVE-2026-2401 was published Apr 14, 2026
A potential vulnerability was reported in the Lenovo FileZ Android application that, under... Low Unreviewed
CVE-2026-0520 was published Mar 11, 2026
HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames... Low Unreviewed
CVE-2026-21791 was published Mar 10, 2026
HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostnames information is... Low Unreviewed
CVE-2026-21786 was published Mar 5, 2026
@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass Low
CVE-2026-29184 was published for @backstage/plugin-scaffolder-backend (npm) Mar 5, 2026
The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3,... Low Unreviewed
CVE-2026-20663 was published Feb 12, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2026-20646 was published Feb 12, 2026
Llama Stack exposes secret in initialization log Low
CVE-2026-25211 was published for llama-stack (pip) Jan 30, 2026
RustFS's RPC signature verification logs shared secret Low
CVE-2026-22782 was published for rustfs (Rust) Jan 16, 2026
rand-tech Credited to rand-tech
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-46277 was published Dec 17, 2025
Mattermost Desktop App exposes sensitive information in its application logs Low
CVE-2025-13321 was published for mattermost-desktop (npm) Dec 17, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to... Low Unreviewed
CVE-2025-13743 was published Dec 9, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18... Low Unreviewed
CVE-2025-13611 was published Nov 26, 2025
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets... Low Unreviewed
CVE-2025-20373 was published Nov 26, 2025
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR... Low Unreviewed
CVE-2025-12940 was published Nov 11, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.1 and... Low Unreviewed
CVE-2025-43423 was published Nov 4, 2025
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a... Low Unreviewed
CVE-2025-11248 was published Oct 27, 2025
An Insertion of Sensitive Information into Log File vulnerability [CWE-532] in FortiOS 7.6.0... Low Unreviewed
CVE-2025-31514 was published Oct 14, 2025
IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files... Low Unreviewed
CVE-2023-50301 was published Oct 1, 2025
IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could... Low Unreviewed
CVE-2025-36144 was published Sep 27, 2025
A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in... Low Unreviewed
CVE-2025-4234 was published Sep 12, 2025
On affected platforms running Arista EOS, the global common encryption key configuration may be... Low Unreviewed
CVE-2025-3456 was published Aug 26, 2025
Template Secret leakage in logs in Scaffolder when using `fetch:template` Low
CVE-2025-55285 was published for @backstage/plugin-scaffolder-backend (npm) Aug 15, 2025
cai0duque Credited to cai0duque
Insertion of sensitive information into log file issue exists in "region PAY" App for Android... Low Unreviewed
CVE-2025-52580 was published Jul 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database