GitHub — Vulnerabilities & Security Advisories (135)

Browse all 135 CVE security advisories affecting GitHub. AI-powered Chinese analysis, PoCs, and references for each vulnerability.

GitHub operates as a cloud-based platform for version control and collaborative software development, primarily hosting Git repositories for millions of developers worldwide. Its extensive attack surface has historically exposed it to critical vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation, often stemming from complex integrations and third-party dependencies. With 131 recorded CVEs, the platform has faced significant security challenges, most notably the 2021 incident where attackers compromised two-factor authentication tokens to access internal systems, leading to the theft of source code from major clients. These breaches underscore the risks associated with centralized code hosting and the potential for supply chain attacks. While GitHub employs rigorous security measures, its scale and role as infrastructure for global software development make it a high-value target, necessitating continuous vigilance against both external exploits and insider threats to maintain the integrity of the open-source ecosystem.

High · CVE-2026-7401 · 2026-04-30
GitHub - Xmyronn/CVE-2026-7401-XSS · GitHub
Medium · 2026-04-29
Exec approvals: reject shell init-file script matches (#58369) · openclaw/openclaw@0c83754 · GitHub
High · 2026-04-18
security-research/Hotel-Booking-Management-System/sensitive-information-disclosure/PoC.md at main · sudo-secure/security
Critical · CVE-2020-35580 · 2026-04-08
GitHub Actions Shell Injection via Workflow Inputs · Advisory · NationalSecurityAgency/emissary · GitHub
Critical · 2026-04-05
code-projects Concert Ticket Reservation System V1.0 /ConcertTicketReservationSystem-master/login.php SQL injection · Is
Unknown · 2026-04-02
Unauthenticated Access to Role-Restricted documents via neutralized .htaccess · Advisory · Admidio/admidio · GitHub
Unknown · 2026-04-02
Web-Security-PoCs/Inventory-System/XSS-AddCustomer-msg.md at main · meifukun/Web-Security-PoCs · GitHub
Critical · CVE-2025-24243 · 2026-04-02
Command Injection via `issue_comment.body` in GitHub Actions Workflow · Advisory · njzjz/wenxian · GitHub
Unknown · 2026-02-21
Merge commit from fork · zumba/json-serializer@bf26227 · GitHub
High · ICSA-25-329-03 · 2025-11-27
CSAF/csaf_files/OT/white/2025/icsa-25-329-03.json at develop · cisagov/CSAF · GitHub
Critical · 2025-11-24
cve/SQL injection2.md at main · Yohane-Mashiro/cve · GitHub
Unknown · 2025-11-24
question-paper-generatorV1.0 in /signupscript.php SQL Injection · Issue #6 · rassec2/dbcve
Unknown · CVE-2025-63878 · 2025-11-20
CVE-Research/CVE-2025-63878.md at main · rumanaemu/CVE-Research · GitHub
High · CVE-2025-63879 · 2025-11-20
CVE-Research/CVE-2025-63879.md at main · rumanaemu/CVE-Research · GitHub
Medium · CVE-2025-63883 · 2025-11-19
security-advisories/CVE-2025-63883.md at main · minhajultaivin/security-advisories · GitHub
High · 2025-11-18
code-projects Courier Management System V1.0 /courier/add-new-officer.php SQL injection · Issue #1 · labi1106/cve
High · 2025-11-16
cve/xss7.md at main · asd1238525/cve · GitHub
High · CVE-2024-22080 · 2025-11-11
CVE-Discovery/Online Job Search Engine.md at main · lakshayyverma/CVE-Discovery · GitHub

Showing up to 20 recent security advisories.

This page lists every published CVE security advisory associated with GitHub. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.