Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Constellation has insecure LUKS2 persistent storage partitions which may be opened and used High
CVE-2025-58356 was published for github.com/edgelesssys/constellation/v2 (Go) Oct 27, 2025
tjade273 daniel-weisse
msanft katexochen
Credited to tjade273, daniel-weisse, msanft, and katexochen
SiYuan has an arbitrary file deletion vulnerability High
CVE-2025-21609 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 3, 2025
N0el4kLs
Credited to N0el4kLs
Pterodactyl Wings vulnerable to Arbitrary File Write/Read High
CVE-2024-34066 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
Credited to TrixterTheTux and matthewpi
Information Exposure in Heketi High
CVE-2017-15104 was published for github.com/heketi/heketi (Go) Feb 15, 2022
Files or Directories Accessible to External Parties in kubernetes High
CVE-2021-25741 was published for k8s.io/kubernetes (Go) Nov 1, 2021
GitOps Run allows for Kubernetes workload injection High
CVE-2022-23508 was published for github.com/weaveworks/weave-gitops (Go) Jan 9, 2023
pjbgf
Credited to pjbgf
Arbitrary file read in ginadmin High
CVE-2022-30428 was published for github.com/gphper/ginadmin (Go) May 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database