GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
14 advisories
An unauthenticated device registration vulnerability, caused by Improperly Controlled...
Moderate, Unreviewed: CVE-2025-9315 was published Dec 10, 2025

HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when...
High, Unreviewed: CVE-2025-52656 was published Oct 3, 2025

A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This...
Moderate, Unreviewed: CVE-2025-7104 was published Sep 29, 2025

In danny-avila/librechat version v0.7.5-rc2, a vulnerability exists in the preset creation...
Moderate, Unreviewed: CVE-2024-10359 was published Mar 20, 2025

A mass assignment vulnerability exists in the `/api/invite/:code` endpoint of the mintplex-labs...
Critical, Unreviewed: CVE-2024-0404 was published Apr 16, 2024

A vulnerability in mintplex-labs/anything-llm allows users with manager roles to escalate their...
High, Unreviewed: CVE-2024-3283 was published Apr 10, 2024

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the...
Moderate, Unreviewed: CVE-2023-39983 was published Sep 2, 2023

The recovery mode for updates has a vulnerability that causes arbitrary disk modification....
High, Unreviewed: CVE-2022-48359 was published Mar 28, 2023

A vulnerability found in postgresql. On this security issue an attack requires permission to...
High, Unreviewed: CVE-2022-2625 was published Aug 19, 2022

PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an...
High, Unreviewed: CVE-2020-24036 was published May 24, 2022

The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication attacks by making billions...
Moderate, Unreviewed: CVE-2020-11872 was published May 24, 2022

An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm...
High, Unreviewed: CVE-2019-9058 was published May 13, 2022

admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin (wp-splashing-images)...
High, Unreviewed: CVE-2018-6195 was published May 13, 2022

The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318...
High, Unreviewed: CVE-2018-11135 was published May 13, 2022