Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
CometBFT's invalid BitArray handling can lead to network halt High
GHSA-hrhf-2vcr-ghch was published for github.com/cometbft/cometbft (Go) Oct 14, 2025
whoismxuse
Credited to whoismxuse
An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding... High Unreviewed
CVE-2024-21612 was published Jan 12, 2024
BER/CER/DER decoder panics on invalid input High
CVE-2023-39914 was published for bcder (Rust) Sep 13, 2023
NLnet Labs’ Routinator up to and including version 0.12.1 may crash when trying to parse certain... High Unreviewed
CVE-2023-39915 was published Sep 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database