GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2 advisories
Pepr Has Overly Permissive RBAC ClusterRole in Admin Mode
Low
CVE-2026-23634
was published
for
pepr
(npm)
Jan 15, 2026
Harden-Runner allows evasion of 'disable-sudo' policy
Moderate
CVE-2025-32955
was published
for
step-security/harden-runner
(GitHub Actions)
Apr 22, 2025
ProTip!
Advisories are also available from the
GraphQL API