Enhance security by fostering global collaboration.
We do the hard work, you can use it.
Dive into security research on open-source projects to explore new and emerging threats, and learn how to mitigate them so that you can make your own software more secure.
Read the ResearchLatest vulnerabilities disclosed
-
Java deserialization leading to RCE in pac4j-core - CVE-2023-25581
-
Possible full repository takeover for RSSHub through Artifact Poisoning - CVE-2024-47179
-
Possible secret exfiltration and write access to Gradio through untrusted code execution
-
Potential account takeover in Kong through Actions expression injection
-
Reflected Cross-Site Scripting (XSS) vulnerability in Alist - CVE-2024-47067
Open doors, open solutions:
Embracing Enterprise & Open Source
Open Source Community
Learn about secure coding practices, get hands-on with AppSec training, and connect with experts during our office hours – free for open source developers, maintainers, and security researchers.
GitHub Security Lab for the Enterprise
At the GitHub Security Lab, our security experts, through community collaboration, strengthen open source security which is crucial for enterprises. We channel the community’s contributions into proven CodeQL queries and timely security advisories, and offer enterprises actionable insights that help secure your supply chain and accelerate the software development lifecycle.
About the GitHub Security Lab.
Learn more on GitHub Security Lab
Through research, education, and maintenance of the GitHub Advisory Database, we empower the community.
We’re active on social media!
Through research, education, and maintenance of the GitHub Advisory Database, we empower the community.