Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
melange: Incomplete package integrity verification allows data section substitution High
CVE-2026-54174 was published for chainguard.dev/apko (Go) Jul 10, 2026
xnox Credited to xnox and egibs egibs egibs
Bouncy Castle for Java on All (API modules) allows Excessive Allocation Moderate
CVE-2025-8885 was published for org.bouncycastle:bc-fips (Maven) Aug 12, 2025
xnox Credited to xnox
Argo CD GitOps Engine does not scrub secret values from patch errors Moderate
GHSA-274v-mgcv-cm8j was published for github.com/argoproj/gitops-engine (Go) Jan 30, 2025
svghadi Credited to svghadi, kbsteere, and xnox kbsteere kbsteere
xnox xnox
ProTip! Advisories are also available from the GraphQL API