Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

16 advisories

Loading
Angular Client Hydration DOM Clobbering & Response-Cache Poisoning High
CVE-2026-54267 was published for @angular/core (npm) Jun 15, 2026
SkyZeroZx Credited to SkyZeroZx, AndrewKushnir, alan-agius4, josephperrott, and JeanMeche AndrewKushnir AndrewKushnir
alan-agius4 alan-agius4 josephperrott josephperrott JeanMeche JeanMeche
Nautobot: GitRepository.current_head field should not be writable through REST API High
CVE-2026-44798 was published for nautobot (pip) May 13, 2026
holmie Credited to holmie
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive... High Unreviewed
CVE-2025-33136 was published May 22, 2025
: Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini... High Unreviewed
CVE-2024-9876 was published Apr 30, 2025
The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable... High Unreviewed
CVE-2023-2904 was published Jul 6, 2023
Prototype pollution in json8-merge-patch High
CVE-2020-8268 was published for json8-merge-patch (npm) May 10, 2021
Prototype Pollution in immer High
CVE-2020-28477 was published for immer (npm) Jan 20, 2021
levpachmanov Credited to levpachmanov
Prototype Pollution in json-logic-js High
GHSA-m9hw-7xfv-wqg7 was published for json-logic-js (npm) Nov 12, 2020
Prototype pollution in object-path High
CVE-2020-15256 was published for object-path (npm) Oct 19, 2020
alromh87 Credited to alromh87, JamieSlome, Asjidkalam, and huntr-helper JamieSlome JamieSlome
Asjidkalam Asjidkalam huntr-helper huntr-helper
Prototype Pollution High
CVE-2020-8147 was published for utils-extend (npm) Sep 3, 2020
dot-prop Prototype Pollution vulnerability High
CVE-2020-8116 was published for dot-prop (npm) Jul 29, 2020
Prototype Pollution in handlebars High
GHSA-q42p-pg8m-cqh6 was published for handlebars (npm) Jun 5, 2019
Prototype Pollution in defaults-deep High
CVE-2018-3723 was published for defaults-deep (npm) Jul 26, 2018
seng1e Credited to seng1e
Prototype Pollution in merge-deep High
CVE-2018-3722 was published for merge-deep (npm) Jul 26, 2018
Prototype Pollution in assign-deep High
CVE-2018-3720 was published for assign-deep (npm) Jul 26, 2018
Prototype Pollution in mixin-deep High
CVE-2018-3719 was published for mixin-deep (npm) Jul 26, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database