Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,003
Maven
5,000+
npm
4,732
NuGet
788
pip
4,341
Pub
12
RubyGems
987
Rust
1,137
Swift
50
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during... Moderate Unreviewed
CVE-2025-13333 was published Feb 18, 2026
Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens High
CVE-2026-1486 was published for org.keycloak:keycloak-services (Maven) Feb 9, 2026
eminaktas
Credited to eminaktas
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The... Moderate Unreviewed
CVE-2025-66607 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... Moderate Unreviewed
CVE-2025-66601 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... High Unreviewed
CVE-2025-66600 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The... Low Unreviewed
CVE-2025-66603 was published Feb 9, 2026
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar... Critical Unreviewed
CVE-2025-69234 was published Dec 30, 2025
BullWall Ransomware Containment relies on the number of file modifications to trigger detection.... Moderate Unreviewed
CVE-2025-62002 was published Dec 18, 2025
Vulnerability of improper criterion security check in the card module. Impact: Successful... Moderate Unreviewed
CVE-2025-66323 was published Dec 8, 2025
Vulnerability of improper criterion security check in the call module. Impact: Successful... High Unreviewed
CVE-2025-58308 was published Nov 28, 2025
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a... High Unreviewed
CVE-2025-62585 was published Oct 16, 2025
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab... Critical Unreviewed
CVE-2025-62583 was published Oct 16, 2025
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiProxy 7.6.0... Moderate Unreviewed
CVE-2025-25255 was published Oct 14, 2025
HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result... Moderate Unreviewed
CVE-2025-31969 was published Oct 12, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43262 was published Sep 16, 2025
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R)... Moderate Unreviewed
CVE-2025-32086 was published Aug 12, 2025
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179.... Low Unreviewed
CVE-2025-8204 was published Jul 26, 2025
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version... Moderate Unreviewed
CVE-2024-55599 was published Jul 8, 2025
SpiceDB checks involving relations with caveats can result in no permission when permission is expected Low
CVE-2025-49011 was published for github.com/authzed/spicedb (Go) Jun 6, 2025
miparnisari
Credited to miparnisari
Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a... High Unreviewed
CVE-2025-3069 was published Apr 2, 2025
A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox... Moderate Unreviewed
CVE-2021-26105 was published Mar 24, 2025
FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6... Moderate Unreviewed
CVE-2020-9295 was published Mar 17, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21267 was published Feb 7, 2025
The Client secret is not checked when using the OAuth Password grant type. By exploiting this... Low Unreviewed
CVE-2024-12056 was published Dec 4, 2024
An improper neutralization of special elements in output used by a downstream component (... Moderate Unreviewed
CVE-2024-33510 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database