Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,900
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,373
Swift
54
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
@babel/plugin-transform-modules-systemjs generates arbitrary code when compiling malicious input High
CVE-2026-44728 was published for @babel/plugin-transform-modules-systemjs (npm) May 8, 2026
JLHwung Credited to JLHwung, daniel-msft, and nicolo-ribaudo daniel-msft daniel-msft
nicolo-ribaudo nicolo-ribaudo
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups Moderate
CVE-2025-27789 was published for @babel/helpers (npm) Mar 11, 2025
mmmsssttt404 Credited to mmmsssttt404, JLHwung, nicolo-ribaudo, TiKevin83, and davidfaj JLHwung JLHwung
nicolo-ribaudo nicolo-ribaudo TiKevin83 TiKevin83 davidfaj davidfaj
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code Critical
CVE-2023-45133 was published for @babel/traverse (npm) Oct 16, 2023
SteakEnthusiast Credited to SteakEnthusiast, ashdude1401, nicolo-ribaudo, Apetree100122, and ebickle ashdude1401 ashdude1401
nicolo-ribaudo nicolo-ribaudo Apetree100122 Apetree100122 ebickle ebickle
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database