Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,606
Maven
5,000+
npm
5,000+
NuGet
924
pip
4,831
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
MantisBT unauthorized disclosure of private project column configuration Moderate
CVE-2025-62520 was published for mantisbt/mantisbt (Composer) Nov 3, 2025
jrckmcsb Credited to jrckmcsb, atrol, and dregad atrol atrol
dregad dregad
Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting Moderate
CVE-2024-34081 was published for mantisbt/mantisbt (Composer) May 13, 2024
atrol Credited to atrol, unboundeduniverse, and dregad unboundeduniverse unboundeduniverse
dregad dregad
MantisBT Host Header Injection vulnerability High
CVE-2024-23830 was published for mantisbt/mantisbt (Composer) Feb 20, 2024
dregad Credited to dregad, Kerkroups, shaozi, plmaltais, and atrol Kerkroups Kerkroups
shaozi shaozi plmaltais plmaltais atrol atrol
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database