This version of GitHub Enterprise Server was discontinued on 2026-06-02. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Concepts for vulnerability reporting and management

Learn core concepts relating to vulnerability reporting and management on GitHub.

GitHub Advisory database

The GitHub Advisory Database contains a list of known security vulnerabilities and malware, grouped in three categories: GitHub-reviewed advisories, unreviewed advisories, and malware advisories.

Global security advisories

Global security advisories are CVEs and GitHub-originated advisories affecting the open source world, located in the GitHub Advisory Database.