Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,480 advisories

Loading
Mattermost Does Not Sanitize the Team Invite ID Moderate
CVE-2025-47870 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
Mattermost Server SSRF Vulnerability via the Agents Plugin Low
CVE-2025-47700 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
Mattermost Lack of Access Control Validation Low
CVE-2025-49810 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
CRI-O has Potential High Memory Consumption from File Read Moderate
CVE-2025-4437 was published for github.com/cri-o/cri-o (Go) Aug 20, 2025
Default Credentials in nginx-defender Configuration Files Moderate
CVE-2025-55740 was published for github.com/Anipaleja/nginx-defender (Go) Aug 19, 2025
Anipaleja
HydrAIDE Authentication Bypass Vulnerability Critical
GHSA-qp7j-x725-g67f was published for github.com/hydraide/hydraide (Go) Aug 19, 2025
yyewolf
OpenFGA Authorization Bypass Moderate
CVE-2025-55213 was published for github.com/openfga/openfga (Go) Aug 18, 2025
domharries
Capsule tenant owners with "patch namespace" permission can hijack system namespaces label Critical
CVE-2025-55205 was published for github.com/projectcapsule/capsule (Go) Aug 18, 2025
b0b0haha
HashiCorp go-getter Vulnerable to Symlink Attacks High
CVE-2025-8959 was published for github.com/hashicorp/go-getter (Go) Aug 15, 2025
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
Helm May Panic Due To Incorrect YAML Content Moderate
CVE-2025-55198 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion Moderate
CVE-2025-55199 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek
External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access High
CVE-2025-55196 was published for github.com/external-secrets/external-secrets (Go) Aug 13, 2025
gracedo moolen
OliveTin OS Command Injection vulnerability High
CVE-2025-50946 was published for github.com/OliveTin/OliveTin (Go) Aug 13, 2025
Komari vulnerable to 2FA Authentication Bypass High
GHSA-jhmr-57cj-q6g9 was published for github.com/komari-monitor/komari (Go) Aug 12, 2025
imlonghao
Komari vulnerable to Cross-site WebSocket Hijacking High
GHSA-q355-h244-969h was published for github.com/komari-monitor/komari (Go) Aug 12, 2025
imlonghao
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions High
CVE-2025-52931 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-53514 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Low
CVE-2025-53857 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-54463 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin is Missing Authentication for Critical Function High
CVE-2025-54478 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Improper Validation of Specified Type of Input High
CVE-2025-54525 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-54458 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-53910 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-8285 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database