GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
641 advisories
Filter by severity
Better Auth has insecure cryptographic defaults in oidcProvider: alg=none advertised and plain PKCE accepted by default
High
GHSA-9h47-pqcx-hjr4
was published
for
better-auth
(npm)
Jul 7, 2026
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the...
Low
Unreviewed
CVE-2026-14742
was published
Jul 5, 2026
A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function...
Low
Unreviewed
CVE-2026-14738
was published
Jul 5, 2026
A vulnerability has been found in ForceInjection AI-fundermentals 2.0/3.0. Affected by this...
Low
Unreviewed
CVE-2026-14630
was published
Jul 4, 2026
Steeltoe: OAEP setting silently selects PKCS#1 v1.5 padding
Low
CVE-2026-50268
was published
for
Steeltoe.Configuration.Encryption
(NuGet)
Jul 2, 2026
SurrealDB: ES512 silently downgraded to ES384 due to jsonwebtoken crate limitation
Moderate
GHSA-fwg2-gr34-q3w8
was published
for
surrealdb
(Rust)
Jul 1, 2026
Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions...
Moderate
Unreviewed
CVE-2026-57997
was published
Jun 30, 2026
A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an...
Low
Unreviewed
CVE-2026-13510
was published
Jun 29, 2026
A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function...
Low
Unreviewed
CVE-2026-13482
was published
Jun 28, 2026
The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5...
High
Unreviewed
CVE-2026-9221
was published
Jun 26, 2026
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the...
Moderate
Unreviewed
CVE-2026-6330
was published
Jun 26, 2026
Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1...
Low
Unreviewed
CVE-2026-6412
was published
Jun 25, 2026
ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2...
Moderate
Unreviewed
CVE-2026-10097
was published
Jun 25, 2026
CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass
Low
CVE-2026-54780
was published
for
CoreWCF.Primitives
(NuGet)
Jun 19, 2026
Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use of a Broken or Risky Cryptographic...
Moderate
Unreviewed
CVE-2026-40641
was published
Jun 17, 2026
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
High
Unreviewed
CVE-2026-9261
was published
Jun 16, 2026
The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against...
Critical
Unreviewed
CVE-2026-50086
was published
Jun 12, 2026
Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache...
Moderate
Unreviewed
CVE-2026-40996
was published
Jun 11, 2026
During an internal security assessment, a potential vulnerability was discovered in some ThinkPad...
High
Unreviewed
CVE-2025-10237
was published
Jun 10, 2026
A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the...
Low
Unreviewed
CVE-2026-11481
was published
Jun 8, 2026
A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown...
Low
Unreviewed
CVE-2026-11479
was published
Jun 8, 2026
A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the...
Low
Unreviewed
CVE-2026-11330
was published
Jun 5, 2026
A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the...
Low
Unreviewed
CVE-2026-11329
was published
Jun 5, 2026
A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the...
Low
Unreviewed
CVE-2026-10813
was published
Jun 4, 2026
A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects...
Low
Unreviewed
CVE-2026-10814
was published
Jun 4, 2026
ProTip!
Advisories are also available from the
GraphQL API