GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6,221 advisories
MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation
High
CVE-2026-21452
was published
for
org.msgpack:msgpack-core
(Maven)
Jan 5, 2026
lsFusion Server is vulnerable to Path Traversal through its unpackFile function
Moderate
CVE-2025-13265
was published
for
lsfusion.platform:server
(Maven)
Nov 17, 2025
LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS
High
CVE-2025-12183
was published
for
at.yawk.lz4:lz4-java
(Maven)
Nov 28, 2025
Quarkus potentially leaks data when duplicating a duplicated context
Moderate
CVE-2025-49574
was published
for
io.quarkus:quarkus-vertx
(Maven)
Jun 23, 2025
Duplicate Advisory: Keycloak error_description injection on error pages that can trigger phishing attacks
Moderate
GHSA-xmcw-mv9p-7pq2
was published
for
org.keycloak:keycloak-account-ui
(Maven)
Sep 5, 2025
•
withdrawn
Keycloak vulnerable to session takeovers due to reuse of session identifiers
Moderate
CVE-2025-12390
was published
for
org.keycloak:keycloak-services
(Maven)
Oct 28, 2025
ProTip!
Advisories are also available from the
GraphQL API