Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
48
GitHub Actions
48
Go
3,382
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,597
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local... Low Unreviewed
CVE-2026-32970 was published Mar 31, 2026
pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback Low
CVE-2026-27448 was published for pyopenssl (pip) Mar 16, 2026
OpenClaw: Unavailable local auth SecretRefs could fall through to remote credentials in local mode Low
GHSA-qvr7-g57c-mrc7 was published for openclaw (npm) Mar 13, 2026
tdjackey Credited to tdjackey
An administrator may attempt to block all networks by specifying "\*" or "all" as the network... Moderate Unreviewed
CVE-2025-41759 was published Mar 9, 2026
An administrator may attempt to block all traffic by configuring a pass filter with an empty... Moderate Unreviewed
CVE-2025-41760 was published Mar 9, 2026
Windows BitLocker Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21210 was published Jan 14, 2025
Hashicorp Vault vulnerable to denial of service through memory exhaustion High
CVE-2024-8185 was published for github.com/hashicorp/vault (Go) Oct 31, 2024
westonsteimel Credited to westonsteimel
Remote Registry Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43532 was published Oct 8, 2024
HashiCorpVault does not correctly validate OCSP responses Moderate
CVE-2024-2660 was published for github.com/hashicorp/vault (Go) Apr 4, 2024
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen... High Unreviewed
CVE-2023-4030 was published Aug 17, 2023
Docker Swarm encrypted overlay network may be unauthenticated High
CVE-2023-28840 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere Credited to corhere, quadespresso, cpuguy83, tianon, neersighted, laurazard, and akerouanton quadespresso quadespresso
cpuguy83 cpuguy83 tianon tianon neersighted neersighted laurazard laurazard akerouanton akerouanton
Docker Swarm encrypted overlay network traffic may be unencrypted Moderate
CVE-2023-28841 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere Credited to corhere, cpuguy83, tianon, laurazard, akerouanton, quadespresso, and neersighted cpuguy83 cpuguy83
tianon tianon laurazard laurazard akerouanton akerouanton quadespresso quadespresso neersighted neersighted
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated Moderate
CVE-2023-28842 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere Credited to corhere, neersighted, cpuguy83, tianon, quadespresso, laurazard, and akerouanton neersighted neersighted
cpuguy83 cpuguy83 tianon tianon quadespresso quadespresso laurazard laurazard akerouanton akerouanton
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions... Moderate Unreviewed
CVE-2023-22943 was published Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database