Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
MinIO is Vulnerable to SSE Metadata Injection via Replication Headers High
CVE-2026-34204 was published for github.com/minio/minio (Go) Mar 27, 2026
harshavardhana Credited to harshavardhana, donatello, and shtripat donatello donatello
shtripat shtripat
MinIO LDAP login brute-force via user enumeration and missing rate limit Critical
CVE-2026-33419 was published for github.com/minio/minio (Go) Mar 20, 2026
harshavardhana Credited to harshavardhana, donatello, and taran-p donatello donatello
taran-p taran-p
MinIO has JWT Algorithm Confusion in OIDC Authentication Critical
CVE-2026-33322 was published for github.com/minio/minio (Go) Mar 19, 2026
KoreaSecurity Credited to KoreaSecurity, donatello, harshavardhana, and taran-p donatello donatello
harshavardhana harshavardhana taran-p taran-p
MinIO is Vulnerable to Privilege Escalation via Session Policy Bypass in Service Accounts and STS High
CVE-2025-62506 was published for github.com/minio/minio (Go) Oct 16, 2025
donatello Credited to donatello and SimeonPoot SimeonPoot SimeonPoot
MinIO allows an SFTP authentication bypass due to improperly trusted SSH key Moderate
CVE-2025-27414 was published for github.com/minio/minio (Go) Mar 3, 2025
donatello Credited to donatello and ston1th ston1th ston1th
MinIO vulnerable to privilege escalation in IAM import API High
CVE-2024-55949 was published for github.com/minio/minio (Go) Dec 16, 2024
donatello Credited to donatello
Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation High
CVE-2024-24747 was published for github.com/minio/minio (Go) Feb 1, 2024
NiklasBeierl Credited to NiklasBeierl, xSke, and donatello xSke xSke
donatello donatello
Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation High
CVE-2023-28433 was published for github.com/minio/minio (Go) Sep 6, 2023
donatello Credited to donatello, harshavardhana, and RicterZ harshavardhana harshavardhana
RicterZ RicterZ
Privilege Escalation on Linux/MacOS High
CVE-2023-28434 was published for github.com/minio/minio (Go) Sep 5, 2023
donatello Credited to donatello, harshavardhana, and RicterZ harshavardhana harshavardhana
RicterZ RicterZ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database