Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

13,275 advisories

Loading
ingress-nginx has Improper Check for Unusual or Exceptional Conditions Low
CVE-2026-24513 was published for k8s.io/ingress-nginx (Go) Feb 4, 2026
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field... Low Unreviewed
CVE-2025-52623 was published Feb 3, 2026
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability... Low Unreviewed
CVE-2025-52633 was published Feb 3, 2026
HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header... Low Unreviewed
CVE-2025-52631 was published Feb 3, 2026
Qwik City Open Redirect via fixTrailingSlash Low
CVE-2026-25149 was published for @builder.io/qwik-city (npm) Feb 3, 2026
wodzen
Credited to wodzen
Podinfo affected by Arbitrary File Upload that leads to Stored Cross-Site Scripting (XSS) Low
CVE-2025-70849 was published for github.com/stefanprodan/podinfo (Go) Feb 3, 2026
HCL AION is susceptible to Missing Content-Security-Policy.  An The absence of a CSP header may... Low Unreviewed
CVE-2025-52629 was published Feb 3, 2026
Django has Observable Timing Discrepancy Low
CVE-2025-13473 was published for Django (pip) Feb 3, 2026
Django has Inefficient Algorithmic Complexity Low
CVE-2025-14550 was published for Django (pip) Feb 3, 2026
Django has Inefficient Algorithmic Complexity Low
CVE-2026-1285 was published for Django (pip) Feb 3, 2026
In mObywatel iOS application an unauthorized user can use the App Switcher to view the account... Low Unreviewed
CVE-2025-11598 was published Feb 3, 2026
Moodle Open Redirect vulnerability Low
CVE-2025-67852 was published for moodle/moodle (Composer) Feb 3, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67476 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-67475 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67478 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is... Low Unreviewed
CVE-2025-67479 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-67477 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67480 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This... Low Unreviewed
CVE-2025-67482 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67484 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61651 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from *... Low Unreviewed
CVE-2025-61652 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61656 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61655 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program... Low Unreviewed
CVE-2025-61653 was published Feb 3, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database