Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
ORAS Go forwards registry credentials across registry redirects Moderate
GHSA-vh4v-2xq2-g5cg was published for oras.land/oras-go/v2 (Go) Jul 1, 2026
mosskappa Credited to mosskappa
pnpm binds unscoped user-level npm auth credentials to a repository-selected registry Moderate
CVE-2026-50017 was published for pnpm (npm) Jun 26, 2026
mosskappa Credited to mosskappa
mise HTTP backend uses raw version path for install symlink destination Moderate
CVE-2026-54557 was published for mise (Rust) Jun 23, 2026
mosskappa Credited to mosskappa
runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations Moderate
CVE-2026-41579 was published for github.com/opencontainers/runc (Go) Jun 22, 2026
mosskappa Credited to mosskappa and Dmanzella Dmanzella Dmanzella
ProTip! Advisories are also available from the GraphQL API