Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Essential vulnerability data for your ecosystem

Advisories is a comprehensive open API service that provides professional-quality security vulnerability metadata for numerous open source software ecosystems for free

Comprehensive vulnerability database

Access unified vulnerability data from multiple sources including package registries, software repositories, and vulnerability databases, giving you a comprehensive view of security threats across your entire open source stack.

23,273 Advisories
10,110 Packages

Latest vulnerabilities

View all
Moderate
1 day ago

Opencast still publishes global system account credentials GSA_kwCzR0hTQS1qNjNoLWhtZ3cteDRqN84ABKiM

maven org.opencastproject:opencast-publication-service-oaipmh-remote, org.opencastproject:opencast-kernel, org.opencastproject:opencast-ingest-service-impl, org.opencastproject:opencast-common
High
1 day ago

HAX CMS API Lacks Authorization Checks GSA_kwCzR0hTQS05anI5LThmZjMtbTg5NM4ABKiL

packagist, npm elmsln/haxcms, @haxtheweb/haxcms-nodejs
Critical
1 day ago

tj-actions/branch-names has a Command Injection Vulnerability GSA_kwCzR0hTQS1ncTUyLTZwaGYteDJyNs4ABKiK

actions tj-actions/branch-names
High
1 day ago

Skops may allow MethodNode to access unexpected object fields through dot notation, leading to arbitrary code execution at load time GSA_kwCzR0hTQS00djZ3LXhwbWgtZ2ZncM4ABKiJ

pypi skops

Get complete security visibility

Access unified vulnerability data from multiple sources including package registries, software repositories, and vulnerability databases, giving you a comprehensive view of security threats across your entire open source stack.

Stay ahead of security risks

Identify which packages and projects in your dependencies are affected by security advisories, empowering you to make informed decisions and address vulnerabilities before they become critical threats to your systems.

Integrate seamlessly into your workflow

Enjoy 5,000 requests per hour rate limits and comprehensive REST API documentation, allowing you to easily incorporate security intelligence into your development and security management processes.

Free and open

We provide this essential service at no cost as part of the broader ecosyste.ms initiative to support and secure critical digital infrastructure.

Find out more

Get started

Find a project and see it in our dashboard, with statistics on responsiveness, productivity, finance and more available to compare over time.

Read the API docsBrowse vulnerabilities