Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
File Browser has a DoS Vulnerability via Public Login API High
CVE-2026-54092 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
AshrafIbrahim03 Credited to AshrafIbrahim03
iskorotkov/avro: CPU Exhaustion in Decoder High
CVE-2026-46385 was published for github.com/iskorotkov/avro/v2 (Go) May 18, 2026
klajok Credited to klajok
iskorotkov/avro: Integer Overflow in Decoder High
CVE-2026-46384 was published for github.com/iskorotkov/avro/v2 (Go) May 18, 2026
klajok Credited to klajok
iskorotkov/avro: Denial-of-Service Vulnerability in Decoder High
GHSA-mx64-mj3q-7prj was published for github.com/iskorotkov/avro/v2 (Go) May 18, 2026
klajok Credited to klajok
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration Moderate
CVE-2025-68383 was published for github.com/elastic/beats (Go) Dec 19, 2025
GoBGP crashes in the flowspec parser Moderate
CVE-2025-43972 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
GoBGP does not properly check the input length Moderate
CVE-2025-43970 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
IPFS go-bitfield vulnerable to DoS via malformed size arguments Moderate
CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go) Feb 10, 2023
Jorropo Credited to Jorropo
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz Credited to AdamKorcz and howardjohn howardjohn howardjohn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database