GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
Information Disclosure when resetting device to factory default settings through powerline...
Moderate
Unreviewed
CVE-2025-59601
was published
Jun 2, 2026
Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All have an Exposure of Sensitive Information Through Metadata vulnerability
Moderate
CVE-2026-49270
was published
for
org.apache.activemq:activemq-all
(Maven)
Jun 1, 2026
HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images....
Low
Unreviewed
CVE-2025-31959
was published
May 6, 2026
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The...
Moderate
Unreviewed
CVE-2026-27661
was published
Mar 10, 2026
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET....
High
Unreviewed
CVE-2025-30038
was published
Aug 27, 2025
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user...
Low
Unreviewed
CVE-2025-8713
was published
Aug 14, 2025
Information disclosure while accessing and modifying the PIB file of a remote device via powerline.
High
Unreviewed
CVE-2025-47324
was published
Aug 6, 2025
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about...
Low
Unreviewed
CVE-2023-50458
was published
Jul 10, 2025
LiteLLM Has a Leakage of Langfuse API Keys
High
CVE-2025-0330
was published
for
litellm
(pip)
Mar 20, 2025
An information disclosure vulnerability exists in the latest version of transformeroptimus...
Moderate
Unreviewed
CVE-2024-9447
was published
Mar 20, 2025
In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and...
High
Unreviewed
CVE-2024-9099
was published
Mar 20, 2025
Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a...
Moderate
Unreviewed
CVE-2025-1921
was published
Mar 5, 2025
Moodle's non-searchable tags can still be discovered on the tag search page and in the tags block
Moderate
CVE-2025-26527
was published
for
moodle/moodle
(Composer)
Feb 24, 2025
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10324
was published
Jan 24, 2025
Expired and unusable administrator authentication tokens can be revealed by units that have timed...
Moderate
Unreviewed
CVE-2024-47517
was published
Jan 11, 2025
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through...
High
Unreviewed
CVE-2024-53291
was published
Dec 25, 2024
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the...
Moderate
Unreviewed
CVE-2024-49395
was published
Nov 12, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8910
was published
Sep 25, 2024
In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where...
Moderate
Unreviewed
CVE-2024-5213
was published
Jun 20, 2024
The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2023-6962
was published
May 2, 2024
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A...
Moderate
Unreviewed
CVE-2023-32488
was published
Aug 16, 2023
Answer vulnerable to Exposure of Sensitive Information Through Metadata
Moderate
CVE-2023-1974
was published
for
github.com/answerdev/answer
(Go)
Apr 11, 2023
ProTip!
Advisories are also available from the
GraphQL API