Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,950
Maven
5,000+
npm
4,596
NuGet
787
pip
4,301
Pub
12
RubyGems
982
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

11,421 advisories

Loading
Tanium addressed a denial of service vulnerability in Tanium Client. Low Unreviewed
CVE-2025-15320 was published Feb 6, 2026
A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d.... Low Unreviewed
CVE-2026-2010 was published Feb 6, 2026
Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device... Low Unreviewed
CVE-2026-25815 was published Feb 6, 2026
Tanium addressed an improper certificate validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15323 was published Feb 5, 2026
Tanium addressed an improper access controls vulnerability in Interact. Low Unreviewed
CVE-2025-15289 was published Feb 5, 2026
Tanium addressed an improper input validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15321 was published Feb 5, 2026
YugabyteDB Anywhere displays LDAP bind passwords configured via gflags in cleartext within the... Low Unreviewed
CVE-2026-1966 was published Feb 5, 2026
It was possible to improperly access the parent directory of an os.Root by opening a filename... Low Unreviewed
CVE-2025-22873 was published Feb 5, 2026
A security vulnerability has been detected in WeKan up to 8.20. This affects the function... Low Unreviewed
CVE-2026-1892 was published Feb 5, 2026
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a... Low Unreviewed
CVE-2025-1823 was published Feb 4, 2026
IBM Jazz Reporting Service could allow an authenticated user on the host network to obtain... Low Unreviewed
CVE-2025-27550 was published Feb 4, 2026
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system... Low Unreviewed
CVE-2025-2134 was published Feb 4, 2026
A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an... Low Unreviewed
CVE-2026-20732 was published Feb 4, 2026
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow... Low Unreviewed
CVE-2026-20730 was published Feb 4, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and... Low Unreviewed
CVE-2026-1791 was published Feb 4, 2026
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability... Low Unreviewed
CVE-2025-52633 was published Feb 3, 2026
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field... Low Unreviewed
CVE-2025-52623 was published Feb 3, 2026
HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header... Low Unreviewed
CVE-2025-52631 was published Feb 3, 2026
HCL AION is susceptible to Missing Content-Security-Policy.  An The absence of a CSP header may... Low Unreviewed
CVE-2025-52629 was published Feb 3, 2026
In mObywatel iOS application an unauthorized user can use the App Switcher to view the account... Low Unreviewed
CVE-2025-11598 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from *... Low Unreviewed
CVE-2025-61652 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61656 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61657 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61655 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61651 was published Feb 3, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database