Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Strawberry GraphQL's Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias Amplification Moderate
CVE-2026-47707 was published for strawberry-graphql (pip) Jun 4, 2026
gonas0919 Credited to gonas0919, bellini666, Ckk3, and patrick91 bellini666 bellini666
Ckk3 Ckk3 patrick91 patrick91
Strawberry GraphQL has a Circular Fragment Reference DOS Moderate
CVE-2026-47706 was published for strawberry-graphql (pip) Jun 4, 2026
gonas0919 Credited to gonas0919, Ckk3, bellini666, and patrick91 Ckk3 Ckk3
bellini666 bellini666 patrick91 patrick91
AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector Low
CVE-2026-34513 was published for aiohttp (pip) Apr 1, 2026
gonas0919 Credited to gonas0919
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database