GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,043 advisories
LF Edge eKuiper Vulnerable to Stored XSS in Configuration Key Functionality
Moderate
CVE-2024-52290
was published
for
github.com/lf-edge/ekuiper
(Go)
May 14, 2025
nosurf vulnerable to CSRF due to non-functional same-origin request checks
Moderate
CVE-2025-46721
was published
for
github.com/justinas/nosurf
(Go)
May 14, 2025
Linkerd resource exhaustion vulnerability
Moderate
CVE-2025-43915
was published
for
github.com/linkerd/linkerd2
(Go)
May 5, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2025-46331
was published
for
github.com/openfga/openfga
(Go)
Apr 30, 2025
Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS
Moderate
CVE-2025-32963
was published
for
github.com/minio/operator
(Go)
Apr 21, 2025
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Moderate
CVE-2025-32793
was published
for
github.com/cilium/cilium
(Go)
Apr 21, 2025
Mattermost Incorrect Authorization vulnerability
Moderate
CVE-2025-27571
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 16, 2025
Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm
Moderate
CVE-2025-2475
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 14, 2025
gorilla/csrf CSRF vulnerability due to broken Referer validation
Moderate
CVE-2025-24358
was published
for
github.com/gorilla/csrf
(Go)
Apr 14, 2025
ProTip!
Advisories are also available from the
GraphQL API