Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
MinIO LDAP login brute-force via user enumeration and missing rate limit Critical
CVE-2026-33419 was published for github.com/minio/minio (Go) Mar 20, 2026
harshavardhana Credited to harshavardhana, donatello, and taran-p donatello donatello
taran-p taran-p
Zitadel has a user enumeration vulnerability in Login UIs Moderate
CVE-2026-23511 was published for github.com/zitadel/zitadel (Go) Jan 15, 2026
IAM-marco Credited to IAM-marco, livio-a, and mntns livio-a livio-a
mntns mntns
Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists Moderate
CVE-2025-69413 was published for code.gitea.io/gitea (Go) Jan 1, 2026
CasaOS Username Enumeration - Bypass of CVE-2024-24766 Moderate
CVE-2024-28232 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Apr 1, 2024
DrDark1999 Credited to DrDark1999
CasaOS Username Enumeration Moderate
CVE-2024-24766 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Mar 6, 2024
DrDark1999 Credited to DrDark1999
Answer has Observable Response Discrepancy Moderate
CVE-2023-1540 was published for github.com/answerdev/answer (Go) Mar 21, 2023
Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030) Moderate
CVE-2019-19030 was published for github.com/goharbor/harbor (Go) Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database