Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

238 advisories

Loading
subhanUmer Credited to subhanUmer
Apache Tomcat: Configured cipher preference order not preserved High
CVE-2026-29129 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 9, 2026
aruneko Credited to aruneko
LiteLLM: Password hash exposure and pass-the-hash authentication bypass High
GHSA-69x8-hrgq-fjj8 was published for litellm (pip) Apr 8, 2026
AVideo has an unauthenticated decrypt oracle leaking any ciphertext High
CVE-2026-33512 was published for wwbn/avideo (Composer) Mar 20, 2026
Ahmad-jarwan Credited to Ahmad-jarwan
Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle High
CVE-2026-28490 was published for authlib (pip) Mar 16, 2026
Pr00fOf3xpl0it Credited to Pr00fOf3xpl0it and Jaynornj Jaynornj Jaynornj
Striae has a hash validation utility vulnerability High
CVE-2026-31839 was published for @striae-org/striae (npm) Mar 11, 2026
StephenJLu Credited to StephenJLu
OpenClaw replaced a deprecated sandbox hash algorithm High
CVE-2026-28479 was published for openclaw (npm) Feb 19, 2026
kexinoh Credited to kexinoh
Clatter has a PSK Validity Rule Violation issue High
CVE-2026-24785 was published for clatter (Rust) Jan 28, 2026
twisteroidambassador Credited to twisteroidambassador
ProTip! Advisories are also available from the GraphQL API