Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,931
Maven
5,000+
npm
5,000+
NuGet
969
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,382
Swift
56
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Caddy CVE-2026-30852 Fix Bypass Moderate
GHSA-wwhq-w58m-w29c was published for github.com/caddyserver/caddy/v2 (Go) May 19, 2026
everping Credited to everping
PraisonAI has unauthenticated RCE via `tool_override.py` (CVE-2026-40287 patch bypass) High
CVE-2026-44334 was published for praisonai (pip) May 6, 2026
everping Credited to everping
Astro's bypass of image proxy domain validation leads to SSRF and potential XSS High
CVE-2025-59837 was published for astro (npm) Oct 28, 2025
everping Credited to everping and GeneralZero GeneralZero GeneralZero
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database