Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,722
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,946
Pub
13
RubyGems
1,055
Rust
1,338
Swift
54
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and... Moderate Unreviewed
CVE-2026-28950 was published Apr 22, 2026
Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox... Moderate Unreviewed
CVE-2026-6765 was published Apr 21, 2026
LangSmith SDK: Streaming token events bypass output redaction Moderate
CVE-2026-41182 was published for langsmith (npm) Apr 16, 2026
Ryu7zz Credited to Ryu7zz
SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to... Moderate Unreviewed
CVE-2026-24321 was published Feb 10, 2026
Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability Moderate
CVE-2026-24735 was published for github.com/apache/answer (Go) Feb 4, 2026
Gitea: anonymous user can visit private user's project Moderate
CVE-2025-68945 was published for code.gitea.io/gitea (Go) Dec 26, 2025
AVideo versions prior to 20.0 expose sensitive user information through an unauthenticated public... Moderate Unreviewed
CVE-2025-34441 was published Dec 17, 2025
The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2025-0969 was published Dec 13, 2025
The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-12536 was published Nov 13, 2025
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX... Moderate Unreviewed
CVE-2025-36131 was published Nov 7, 2025
HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application... Moderate Unreviewed
CVE-2025-52602 was published Nov 5, 2025
Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre... Moderate Unreviewed
CVE-2025-35981 was published Oct 23, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global... Moderate Unreviewed
CVE-2025-62644 was published Oct 17, 2025
An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in... Moderate Unreviewed
CVE-2025-53950 was published Oct 16, 2025
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing... Moderate Unreviewed
CVE-2025-10859 was published Sep 30, 2025
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43310 was published Sep 16, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2025-43279 was published Sep 16, 2025
Presta Shop vulnerable to email enumeration Moderate
CVE-2025-51586 was published for prestashop/prestashop (Composer) Sep 4, 2025
A low-privileged remote attacker can obtain the username of another registered Sunny Portal user... Moderate Unreviewed
CVE-2025-41685 was published Aug 19, 2025
Exposure of private personal information to an unauthorized actor in Azure Stack allows an... Moderate Unreviewed
CVE-2025-53765 was published Aug 12, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2025-43259 was published Jul 30, 2025
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18... Moderate Unreviewed
CVE-2025-43217 was published Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and... Moderate Unreviewed
CVE-2025-31276 was published Jul 30, 2025
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2... Moderate Unreviewed
CVE-2025-6017 was published Jul 2, 2025
Sensitive device logger information in ASPECT may be exposed if administrator credentials become... Moderate Unreviewed
CVE-2024-13953 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database