Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,888
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,215
NuGet
744
pip
3,990
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Reflected XSS in Gotify's /docs via import of outdated Swagger UI Moderate
GHSA-3244-8mff-w398 was published for github.com/gotify/server (Go) Jan 10, 2023
40826d
Credited to 40826d
Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics High
CVE-2023-27591 was published for miniflux.app (Go) Apr 2, 2025
40826d fguillot
Credited to 40826d and fguillot
Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler Moderate
CVE-2023-27592 was published for miniflux.app/v2 (Go) Apr 2, 2025
fguillot 40826d
Credited to fguillot and 40826d
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database