GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
SM2-PKE has 32-bit Biased Nonce Vulnerability
High
CVE-2026-22698
was published
for
sm2
(Rust)
Jan 9, 2026
SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()
High
CVE-2026-22699
was published
for
sm2
(Rust)
Jan 9, 2026
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
High
CVE-2026-22700
was published
for
sm2
(Rust)
Jan 13, 2026
sm-crypto Affected by Private Key Recovery in SM2-PKE
Critical
CVE-2026-23966
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Signature Malleability in SM2-DSA
High
CVE-2026-23967
was published
for
sm-crypto
(npm)
Jan 21, 2026
sm-crypto Affected by Signature Forgery in SM2-DSA
High
CVE-2026-23965
was published
for
sm-crypto
(npm)
Jan 21, 2026
cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
High
CVE-2026-26007
was published
for
cryptography
(pip)
Feb 10, 2026
ProTip!
Advisories are also available from the
GraphQL API