GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,104 advisories
Atlantis Exposes Service Version Publicly on /status API Endpoint
Low
CVE-2025-58445
was published
for
github.com/runatlantis/atlantis
(Go)
Sep 5, 2025
Argo CD's Project API Token Exposes Repository Credentials
Critical
CVE-2025-55190
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Sep 4, 2025
Contao can disclose sensitive information in the news module
Moderate
CVE-2025-57757
was published
for
contao/contao
(Composer)
Aug 28, 2025
Contao discloses sensitive information in the front end search index
Moderate
CVE-2025-57756
was published
for
contao/contao
(Composer)
Aug 28, 2025
Opencast still publishes global system account credentials
Moderate
CVE-2025-54380
was published
for
org.opencastproject:opencast-common
(Maven)
Jul 25, 2025
@musistudio/claude-code-router has improper CORS configuration
High
CVE-2025-57755
was published
for
@musistudio/claude-code-router
(npm)
Aug 21, 2025
Indico vulnerability allows attackers to bulk dump user details
Moderate
CVE-2025-53640
was published
for
indico
(pip)
Jul 14, 2025
Mattermost password hash disclosure vulnerability
Moderate
CVE-2023-5968
was published
for
github.com/mattermost/mattermost-server
(Go)
Nov 6, 2023
ProTip!
Advisories are also available from the
GraphQL API