Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,538
Maven
5,000+
npm
5,000+
NuGet
914
pip
4,790
Pub
13
RubyGems
1,037
Rust
1,232
Swift
53
Unreviewed advisories
All unreviewed
5,000+

1,233 advisories

Loading
webpki: Name constraints were accepted for certificates asserting a wildcard name Low
GHSA-xgp8-3hg3-c2mh was published for rustls-webpki (Rust) Apr 16, 2026
1seal Credited to 1seal
webpki: Name constraints for URI names were incorrectly accepted Low
GHSA-965h-392x-2mh5 was published for rustls-webpki (Rust) Apr 16, 2026
1seal Credited to 1seal
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex... Critical Unreviewed
CVE-2026-20184 was published Apr 15, 2026
Oxia's TLS CA certificate chain validation fails with multi-certificate PEM bundles High
GHSA-7jrq-q4pq-rhm6 was published for github.com/oxia-db/oxia (Go) Apr 14, 2026
A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2),... Moderate Unreviewed
CVE-2025-40745 was published Apr 14, 2026
Sigstore Timestamp Authority has Improper Certificate Validation in verifier Moderate
CVE-2026-39984 was published for github.com/sigstore/timestamp-authority/v2 (Go) Apr 14, 2026
jku Credited to jku
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience... Low Unreviewed
CVE-2026-0233 was published Apr 13, 2026
wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which... High Unreviewed
CVE-2026-5501 was published Apr 10, 2026
URI nameConstraints from constrained intermediate CAs are parsed but not enforced during... High Unreviewed
CVE-2026-5263 was published Apr 10, 2026
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA... Critical Unreviewed
CVE-2026-5194 was published Apr 9, 2026
rfc3161-client Has Improper Certificate Validation Moderate
CVE-2026-33753 was published for rfc3161-client (pip) Apr 8, 2026
Jaynornj Credited to Jaynornj
Validating certificate chains which use policies is unexpectedly inefficient when certificates in... High Unreviewed
CVE-2026-32281 was published Apr 8, 2026
Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation High
CVE-2026-4740 was published for open-cluster-management.io/ocm (Go) Apr 7, 2026
Improper certificate validation in the identity provider connection components in Amazon Athena... Critical Unreviewed
CVE-2026-35560 was published Apr 3, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker... High Unreviewed
CVE-2026-29140 was published Apr 2, 2026
Juju has Improper TLS Client/Server authentication and certificate verification on Database Cluster Critical
CVE-2026-4370 was published for github.com/juju/juju (Go) Apr 2, 2026
hpidcock Credited to hpidcock, tlm, manadart, and wallyworld tlm tlm
manadart manadart wallyworld wallyworld
Tesla Fleet Telemetry allows spoofing telemetry for arbitrary vehicles via compromised vehicle credentials Moderate
GHSA-prxj-3gcv-cqrh was published for github.com/teslamotors/fleet-telemetry (Go) Apr 1, 2026
yueyueL Credited to yueyueL
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. Moderate Unreviewed
CVE-2026-25834 was published Apr 1, 2026
A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an... Moderate Unreviewed
CVE-2026-20042 was published Apr 1, 2026
Apache Airflow Provider for Databricks: TLS Certificate Verification is Disabled in Databricks Provider K8s Token Exchange Moderate
CVE-2026-32794 was published for apache-airflow (pip) Mar 31, 2026
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper... High Unreviewed
CVE-2019-25652 was published Mar 28, 2026
Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl... Moderate Unreviewed
CVE-2025-15612 was published Mar 27, 2026
cryptography has incomplete DNS name constraint enforcement on peer names Low
CVE-2026-34073 was published for cryptography (pip) Mar 27, 2026
1seal Credited to 1seal and woodruffw woodruffw woodruffw
Incus does not verify combined fingerprint when downloading images from simplestreams servers High
CVE-2026-33542 was published for github.com/lxc/incus/v6/client (Go) Mar 27, 2026
wl2018 Credited to wl2018 and stgraber stgraber stgraber
Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation) High
CVE-2026-33896 was published for node-forge (npm) Mar 26, 2026
peaktwilight Credited to peaktwilight
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database