Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,732
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,952
Pub
13
RubyGems
1,055
Rust
1,343
Swift
54
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Hugo's Node tool execution allows file system access outside the project directory Moderate
CVE-2026-44301 was published for github.com/gohugoio/hugo (Go) May 6, 2026
jmooring Credited to jmooring, bacu79, and Gokul965 bacu79 bacu79
Gokul965 Gokul965
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output Moderate
CVE-2026-41305 was published for postcss (npm) Apr 24, 2026
TharVid Credited to TharVid
A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2025-8263 was published Jul 28, 2025
PostCSS line return parsing error Moderate
CVE-2023-44270 was published for postcss (npm) Sep 30, 2023
DCKcode Credited to DCKcode
Regular Expression Denial of Service in postcss Moderate
CVE-2021-23382 was published for postcss (npm) Jan 7, 2022
DeeDeeG Credited to DeeDeeG and Towerism Towerism Towerism
Regular Expression Denial of Service in postcss Moderate
CVE-2021-23368 was published for postcss (npm) May 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database