Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,818
Erlang
23
GitHub Actions
38
Go
2,203
Maven
2,576
npm
2,819
NuGet
487
pip
2,656
Pub
5
RubyGems
328
Rust
877
Swift
19
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
jose vulnerable to untrusted JWK header key acceptance during signature verification High
CVE-2026-34240 was published for jose (Pub) Mar 31, 2026
splitline Credited to splitline
shared_preferences_android vulnerability Low
GHSA-3hpf-ff72-j67p was published for shared_preferences_android (Pub) Dec 6, 2024
oskar-zeinomahmalat-sonarsource Credited to oskar-zeinomahmalat-sonarsource, reidbaker, and stuartmorgan-g reidbaker reidbaker
stuartmorgan-g stuartmorgan-g
Agent Dart is missing certificate verification checks High
CVE-2024-48915 was published for agent_dart (Pub) Oct 15, 2024
eduarddfinity Credited to eduarddfinity and AlexV525 AlexV525 AlexV525
pubnub Insufficient Entropy vulnerability Moderate
CVE-2023-26154 was published for Pubnub (RubyGems) Dec 6, 2023
personnummer/dart vulnerable to Improper Input Validation Low
CVE-2023-22963 was published for personnummer (Pub) Sep 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database