Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,950
Maven
5,000+
npm
4,596
NuGet
787
pip
4,301
Pub
12
RubyGems
982
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

957 advisories

Loading
Tanium addressed an information disclosure vulnerability in Threat Response. Moderate Unreviewed
CVE-2025-15332 was published Feb 5, 2026
Neo4j Enterprise and Community vulnerable to a potential information disclosure Moderate
CVE-2026-1622 was published for org.neo4j:neo4j (Maven) Feb 4, 2026
RustFS Logs Sensitive Credentials in Plaintext Moderate
CVE-2026-24762 was published for rustfs (Rust) Feb 3, 2026
cchheang
Credited to cchheang
vLLM has RCE In Video Processing Critical
CVE-2026-22778 was published for vllm (pip) Feb 2, 2026
dan-sec-ops DarkLight1337
russellb
Credited to dan-sec-ops, DarkLight1337, and russellb
Llama Stack exposes secret in initialization log Low
CVE-2026-25211 was published for llama-stack (pip) Jan 30, 2026
An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions... Moderate Unreviewed
CVE-2026-0936 was published Jan 29, 2026
IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read... Moderate Unreviewed
CVE-2025-13925 was published Jan 20, 2026
Apache Linkis: Password Exposure Moderate
CVE-2025-59355 was published for org.apache.linkis:linkis-metadata (Maven) Jan 19, 2026
In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted... Moderate Unreviewed
CVE-2026-0519 was published Jan 17, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-43508 was published Jan 16, 2026
RustFS's RPC signature verification logs shared secret Low
CVE-2026-22782 was published for rustfs (Rust) Jan 16, 2026
rand-tech
Credited to rand-tech
Apache Airflow proxy credentials for various providers might leak in task logs High
CVE-2025-68675 was published for apache-airflow (pip) Jan 16, 2026
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log High
CVE-2026-23493 was published for pimcore/pimcore (Composer) Jan 15, 2026
putzflorian
Credited to putzflorian
hermes's raw options logging may disclose secrets passed in via subcommand options argument Moderate
CVE-2026-22798 was published for hermes (pip) Jan 13, 2026
thunze sdruskat
zyzzyxdonta
Credited to thunze, sdruskat, and zyzzyxdonta
Insertion of sensitive information into log file in Windows Kernel allows an unauthorized... Moderate Unreviewed
CVE-2026-20818 was published Jan 13, 2026
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8... Moderate Unreviewed
CVE-2025-68919 was published Dec 24, 2025
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0,... Moderate Unreviewed
CVE-2025-36133 was published Dec 18, 2025
The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure... High Unreviewed
CVE-2025-14437 was published Dec 18, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-46277 was published Dec 17, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and... Moderate Unreviewed
CVE-2025-43475 was published Dec 17, 2025
Mattermost Desktop App exposes sensitive information in its application logs Low
CVE-2025-13321 was published for mattermost-desktop (npm) Dec 17, 2025
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft... High Unreviewed
CVE-2025-14432 was published Dec 16, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43538 was published Dec 12, 2025
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to... Low Unreviewed
CVE-2025-13743 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database