GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
337 advisories
OAuth2-Proxy's `--gitlab-group` GitLab Group Authorization config flag stopped working in v7.0.0
Moderate
CVE-2021-21411
was published
for
github.com/oauth2-proxy/oauth2-proxy/v7
(Go)
Jul 30, 2025
Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows
Moderate
CVE-2025-53889
was published
for
directus
(npm)
Jul 15, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2025-48371
was published
for
github.com/openfga/openfga
(Go)
May 23, 2025
Graylog's Authenticated HTTP inputs ingest message even if Authorization header is missing or has wrong value
Moderate
CVE-2025-30373
was published
for
org.graylog2:graylog2-server
(Maven)
Apr 7, 2025
Kyverno ignores subjectRegExp and IssuerRegExp
Moderate
CVE-2025-29778
was published
for
github.com/kyverno/kyverno
(Go)
Mar 24, 2025
ProTip!
Advisories are also available from the
GraphQL API