Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

1,010 advisories

Loading
unity-cli Exposes Plaintext Credentials in Debug Logs (sign-package command) Moderate
CVE-2026-25918 was published for @rage-against-the-pixel/unity-cli (npm) Feb 10, 2026
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs Moderate Unreviewed
CVE-2026-25846 was published Feb 9, 2026
Tanium addressed an information disclosure vulnerability in Threat Response. Moderate Unreviewed
CVE-2025-15332 was published Feb 5, 2026
Neo4j Enterprise and Community vulnerable to a potential information disclosure Moderate
CVE-2026-1622 was published for org.neo4j:neo4j (Maven) Feb 4, 2026
RustFS Logs Sensitive Credentials in Plaintext Moderate
CVE-2026-24762 was published for rustfs (Rust) Feb 3, 2026
cchheang Credited to cchheang
vLLM has RCE In Video Processing Critical
CVE-2026-22778 was published for vllm (pip) Feb 2, 2026
dan-sec-ops Credited to dan-sec-ops, DarkLight1337, and russellb DarkLight1337 DarkLight1337
russellb russellb
Llama Stack exposes secret in initialization log Low
CVE-2026-25211 was published for llama-stack (pip) Jan 30, 2026
An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions... Moderate Unreviewed
CVE-2026-0936 was published Jan 29, 2026
IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read... Moderate Unreviewed
CVE-2025-13925 was published Jan 20, 2026
Apache Linkis: Password Exposure Moderate
CVE-2025-59355 was published for org.apache.linkis:linkis-metadata (Maven) Jan 19, 2026
In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted... Moderate Unreviewed
CVE-2026-0519 was published Jan 17, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-43508 was published Jan 16, 2026
RustFS's RPC signature verification logs shared secret Low
CVE-2026-22782 was published for rustfs (Rust) Jan 16, 2026
rand-tech Credited to rand-tech
Apache Airflow proxy credentials for various providers might leak in task logs High
CVE-2025-68675 was published for apache-airflow (pip) Jan 16, 2026
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log High
CVE-2026-23493 was published for pimcore/pimcore (Composer) Jan 15, 2026
putzflorian Credited to putzflorian
hermes's raw options logging may disclose secrets passed in via subcommand options argument Moderate
CVE-2026-22798 was published for hermes (pip) Jan 13, 2026
thunze Credited to thunze, sdruskat, and zyzzyxdonta sdruskat sdruskat
zyzzyxdonta zyzzyxdonta
Insertion of sensitive information into log file in Windows Kernel allows an unauthorized... Moderate Unreviewed
CVE-2026-20818 was published Jan 13, 2026
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8... Moderate Unreviewed
CVE-2025-68919 was published Dec 24, 2025
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0,... Moderate Unreviewed
CVE-2025-36133 was published Dec 18, 2025
The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure... High Unreviewed
CVE-2025-14437 was published Dec 18, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-46277 was published Dec 17, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and... Moderate Unreviewed
CVE-2025-43475 was published Dec 17, 2025
Mattermost Desktop App exposes sensitive information in its application logs Low
CVE-2025-13321 was published for mattermost-desktop (npm) Dec 17, 2025
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft... High Unreviewed
CVE-2025-14432 was published Dec 16, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database