GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex High
GHSA-pxq7-h93f-9jrg was published for github.com/oauth2-proxy/oauth2-proxy/v7 (Go) Apr 15, 2026
Credited to rootxharsh
@fastify/express vulnerable to Improper Handling of URL Encoding (Hex Encoding) High
CVE-2026-22037 was published for @fastify/express (npm) Jan 20, 2026
Credited to rootxharsh, Eomm, and mcollina
Fastify Middie Middleware Path Bypass High
CVE-2026-22031 was published for @fastify/middie (npm) Jan 20, 2026
Credited to rootxharsh, kamilmysliwiec, Eomm, and mcollina
Lucee RCE/XXE Vulnerability Critical
CVE-2023-38693 was published for org.lucee:lucee (Maven) Mar 5, 2025
Credited to rootxharsh and zspitzer
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User High
CVE-2023-32079 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
Credited to rootxharsh and iamnoooob
Netmaker IDOR Allows User to Update Other User's Password High
CVE-2023-32078 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
Credited to rootxharsh and iamnoooob
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
Credited to rootxharsh and iamnoooob
Open Redirect in OAuth2 Proxy High
CVE-2020-11053 was published for github.com/oauth2-proxy/oauth2-proxy (Go) Dec 20, 2021
Credited to rootxharsh, iamnoooob, and Mik317