Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

68 advisories

Loading
The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via... Critical Unreviewed
CVE-2025-8625 was published Sep 30, 2025
The secret used for validating authentication tokens is hardcoded in device firmware for... Critical Unreviewed
CVE-2025-54807 was published Sep 18, 2025
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and... Critical Unreviewed
CVE-2025-55619 was published Aug 22, 2025
Dpanel's hard-coded JWT secret leads to remote code execution Critical
CVE-2025-30206 was published for github.com/donknap/dpanel (Go) Apr 15, 2025
NS-Sp4ce Credited to NS-Sp4ce
Dragonfly2 has hard coded cyptographic key Critical
CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024
cokeBeer Credited to cokeBeer and gaius-qi gaius-qi gaius-qi
@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys Critical
GHSA-84c3-j8r2-mcm8 was published for @nfid/embed (npm) Feb 26, 2024
agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate` Critical
CVE-2024-1631 was published for @dfinity/auth-client (npm) Feb 21, 2024
peterpeterparker Credited to peterpeterparker and krpeacock krpeacock krpeacock
ProTip! Advisories are also available from the GraphQL API