GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,596
Composer 4,840
Erlang 36
GitHub Actions 33
Go 2,464
Maven 5,878
npm 4,082
NuGet 723
pip 3,880
Pub 12
RubyGems 943
Rust 1,011
Swift 39

Unreviewed advisories

All unreviewed 266,882

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,314 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

hippo4j Includes Hard Coded Secret Key in JWT Creation High

CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025

IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2025-33100 was published Aug 18, 2025

A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed

CVE-2025-7342 was published Aug 18, 2025

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by... Critical Unreviewed

CVE-2025-43982 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored... Moderate Unreviewed

CVE-2025-54465 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within... Moderate Unreviewed

CVE-2025-55279 was published Aug 13, 2025

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If... Moderate Unreviewed

CVE-2025-26398 was published Aug 12, 2025

Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed

CVE-2025-7768 was published Aug 6, 2025

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed

CVE-2025-51536 was published Aug 4, 2025

A vulnerability was discovered in the storage policy for certain sets of authentication keys in... Moderate Unreviewed

CVE-2025-37111 was published Jul 31, 2025

A vulnerability was discovered in the storage policy for certain sets of encryption keys in the... Moderate Unreviewed

CVE-2025-37112 was published Jul 31, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed

CVE-2025-30125 was published Jul 28, 2025

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed

CVE-2025-8231 was published Jul 27, 2025

Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed

CVE-2025-45466 was published Jul 25, 2025

HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed

CVE-2025-31953 was published Jul 24, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54455 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54454 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants... High Unreviewed

CVE-2025-4130 was published Jul 21, 2025

Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability... High Unreviewed

CVE-2025-4049 was published Jul 21, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... High Unreviewed

CVE-2025-4569 was published Jul 21, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... Moderate Unreviewed

CVE-2025-4570 was published Jul 21, 2025

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( ... Moderate Unreviewed

CVE-2025-6982 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials... Moderate Unreviewed

CVE-2025-53754 was published Jul 16, 2025

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN... Moderate Unreviewed

CVE-2025-53842 was published Jul 16, 2025

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file... Moderate Unreviewed

CVE-2025-52363 was published Jul 14, 2025

Previous 1 2 3 4 5 … 52 53 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,314 advisories