GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,104
Composer 4,884
Erlang 37
GitHub Actions 38
Go 2,546
Maven 5,990
npm 4,205
NuGet 743
pip 3,978
Pub 12
RubyGems 947
Rust 1,034
Swift 39

Unreviewed advisories

All unreviewed 272,076

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Canonical LXD Vulnerable to Privilege Escalation via WebSocket Connection Hijacking in Operations API High

CVE-2025-54289 was published for github.com/canonical/lxd (Go) Oct 2, 2025

Komari vulnerable to Cross-site WebSocket Hijacking High

GHSA-q355-h244-969h was published for github.com/komari-monitor/komari (Go) Aug 12, 2025

Claude Code Improper Authorization via websocket connections from arbitrary origins High

CVE-2025-52882 was published for @anthropic-ai/claude-code (npm) Jun 23, 2025

Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not... High Unreviewed

CVE-2024-48849 was published Jan 29, 2025

A flaw was found in the ansible automation platform. An insecure WebSocket connection was being... High Unreviewed

CVE-2024-1657 was published Apr 25, 2024

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This... High Unreviewed

CVE-2023-2848 was published Sep 14, 2023

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6 advisories