Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,396
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
HAX CMS application pages vulnerable to clickjacking Moderate
CVE-2025-54139 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 21, 2025
lfgberg odransfield
NodeJS version of the HAX CMS application is distributed with Default Secrets High
CVE-2025-54137 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
lfgberg asareynolds
@haxtheweb/haxcms-nodejs Iframe Phishing vulnerability Moderate
CVE-2025-49139 was published for @haxtheweb/haxcms-nodejs (npm) Jun 9, 2025
lfgberg odransfield
Hax CMS Stored Cross-Site Scripting vulnerability High
CVE-2025-49137 was published for elmsln/haxcms (Composer) Jun 9, 2025
lfgberg asareynolds
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database