GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,646 advisories
Astro Development Server has Arbitrary Local File Read
Low
CVE-2025-64757
was published
for
astro
(npm)
Nov 19, 2025
LibreNMS has Weak Password Policy
Low
CVE-2025-65014
was published
for
librenms/librenms
(Composer)
Nov 18, 2025
PrivateBin vulnerable to malicious filename use for self-XSS / HTML injection locally for users
Low
CVE-2025-64711
was published
for
privatebin/privatebin
(Composer)
Nov 14, 2025
Astro development server error page vulnerable to reflected Cross-site Scripting
Low
CVE-2025-64745
was published
for
astro
(npm)
Nov 13, 2025
sudo-rs: Partial password reveal is possible after timeout
Low
CVE-2025-64170
was published
for
sudo-rs
(Rust)
Nov 12, 2025
changedetection.io: Stored XSS in Watch update via API
Low
CVE-2025-62780
was published
for
changedetection.io
(pip)
Nov 12, 2025
Open redirect endpoint in Datasette
Low
CVE-2025-64481
was published
for
datasette
(pip)
Nov 6, 2025
Weblate leaks the IP of project member inviting user to be reviewer in Audit log
Low
CVE-2025-64326
was published
for
weblate
(pip)
Nov 5, 2025
Protobuf Maven Plugin protocDigest is ignored when using protoc from PATH
Low
GHSA-j2pc-v64r-mv4f
was published
for
io.github.ascopes:protobuf-maven-plugin
(Maven)
Nov 4, 2025
ProTip!
Advisories are also available from the
GraphQL API