Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,838 advisories

Loading
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54267 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54265 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... High Unreviewed
CVE-2025-54263 was published Oct 14, 2025
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and... Moderate Unreviewed
CVE-2025-54277 was published Oct 14, 2025
Mattermost has an Incorrect Authorization vulnerability Low
CVE-2025-10545 was published for github.com/mattermost/mattermost-server (Go) Oct 16, 2025
Due to an insufficient access control implementation in multiple WSO2 Products, authentication... Critical Unreviewed
CVE-2025-10611 was published Oct 16, 2025
An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to... Moderate Unreviewed
CVE-2025-9955 was published Oct 16, 2025
MinIO is Vulnerable to Privilege Escalation via Session Policy Bypass in Service Accounts and STS High
CVE-2025-62506 was published for github.com/minio/minio (Go) Oct 16, 2025
donatello
Credited to donatello
An Incorrect Authorization vulnerability has been identified in Moxa’s network security... High Unreviewed
CVE-2025-6892 was published Oct 17, 2025
Ash has authorization bypass when bypass policy condition evaluates to true High
CVE-2025-48044 was published for ash (Erlang) Oct 17, 2025
jechol maennchen
zachdaniel
Credited to jechol, maennchen, and zachdaniel
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the... Moderate Unreviewed
CVE-2025-62647 was published Oct 17, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote... Moderate Unreviewed
CVE-2025-62648 was published Oct 17, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not... Moderate Unreviewed
CVE-2025-62651 was published Oct 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database