Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
58
GitHub Actions
50
Go
3,791
Maven
5,000+
npm
5,000+
NuGet
938
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,349
Swift
54
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
rpassword affected by partial password reveal when input is interrupted Low
GHSA-2p6r-x3vv-xqm2 was published for rpassword (Rust) May 6, 2026
DevLaTron Credited to DevLaTron and squell squell squell
nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals High
CVE-2026-34065 was published for nimiq-primitives (Rust) Apr 22, 2026
1seal Credited to 1seal and paberr paberr paberr
Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future Moderate
CVE-2026-27195 was published for wasmtime (Rust) Feb 24, 2026
dicej Credited to dicej
RustFS gRPC GetMetrics deserialization panic enables remote DoS Moderate
CVE-2025-69255 was published for rustfs (Rust) Jan 7, 2026
max-r-b Credited to max-r-b and enitmar enitmar enitmar
matrix-sdk-base denial of service via custom m.room.join_rules event values Low
CVE-2025-66622 was published for matrix-sdk-base (Rust) Dec 8, 2025
Wasmtime vulnerable to segfault when using component resources Low
CVE-2025-62711 was published for wasmtime (Rust) Oct 27, 2025
alexcrichton Credited to alexcrichton
loona-hpack Panic Vulnerability Moderate
CVE-2024-51502 was published for loona-hpack (Rust) Nov 4, 2024
Tonic has remotely exploitable denial of service vulnerability Moderate
CVE-2024-47609 was published for tonic (Rust) Oct 1, 2024
jayvdb Credited to jayvdb
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service Moderate
CVE-2023-41317 was published for apollo-router (Rust) Sep 7, 2023
nmoutschen Credited to nmoutschen, abernix, o0Ignition0o, BrynCooke, peakematt, jasonbarnett667, and Geal abernix abernix
o0Ignition0o o0Ignition0o BrynCooke BrynCooke peakematt peakematt jasonbarnett667 jasonbarnett667 Geal Geal
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian Credited to darakian
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database