GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
11 advisories
cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
High
CVE-2026-26007
was published
for
cryptography
(pip)
Feb 10, 2026
OpenList has Insecure TLS Default Configuration
High
CVE-2026-25060
was published
for
github.com/OpenListTeam/OpenList/v4
(Go)
Feb 2, 2026
OpenList vulnerable to Path Traversal in file copy and remove handlers
High
CVE-2026-25059
was published
for
github.com/OpenListTeam/OpenList/v4
(Go)
Feb 2, 2026
sm-crypto Affected by Signature Forgery in SM2-DSA
High
CVE-2026-23965
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Signature Malleability in SM2-DSA
High
CVE-2026-23967
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Private Key Recovery in SM2-PKE
Critical
CVE-2026-23966
was published
for
sm-crypto
(npm)
Jan 21, 2026
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
High
CVE-2026-22700
was published
for
sm2
(Rust)
Jan 13, 2026
SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
High
CVE-2026-22699
was published
for
sm2
(Rust)
Jan 9, 2026
SM2-PKE has 32-bit Biased Nonce Vulnerability
High
CVE-2026-22698
was published
for
sm2
(Rust)
Jan 9, 2026
Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
High
GHSA-j44m-5v8f-gc9c
was published
for
flowise
(npm)
Oct 10, 2025
Flowise is vulnerable to arbitrary file write through its WriteFileTool
Critical
CVE-2025-61913
was published
for
Flowise
(npm)
Oct 9, 2025
ProTip!
Advisories are also available from the
GraphQL API