GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,052 advisories
Insufficient input sanitization in ejson2env
Moderate
CVE-2025-48069
was published
for
ejson2env
(RubyGems)
May 21, 2025
containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.
Moderate
CVE-2025-47291
was published
for
github.com/containerd/containerd/v2
(Go)
May 21, 2025
Character injection in Hubble CLI
Moderate
CVE-2025-48056
was published
for
github.com/cilium/hubble
(Go)
May 21, 2025
LF Edge eKuiper Vulnerable to Stored XSS in Configuration Key Functionality
Moderate
CVE-2024-52290
was published
for
github.com/lf-edge/ekuiper
(Go)
May 14, 2025
nosurf vulnerable to CSRF due to non-functional same-origin request checks
Moderate
CVE-2025-46721
was published
for
github.com/justinas/nosurf
(Go)
May 14, 2025
Linkerd resource exhaustion vulnerability
Moderate
CVE-2025-43915
was published
for
github.com/linkerd/linkerd2
(Go)
May 5, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2025-46331
was published
for
github.com/openfga/openfga
(Go)
Apr 30, 2025
Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS
Moderate
CVE-2025-32963
was published
for
github.com/minio/operator
(Go)
Apr 21, 2025
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Moderate
CVE-2025-32793
was published
for
github.com/cilium/cilium
(Go)
Apr 21, 2025
ProTip!
Advisories are also available from the
GraphQL API