This repository serves as a centralized archive for security advisories, vulnerability findings, and related research on software and applications. It provides a structured way to document, track, and share security issues discovered during research and assessments.
The repository includes categorized security findings to ensure clarity and organization:
- Public CVEs: Vulnerabilities assigned a CVE ID and publicly disclosed.
- Disputed Findings: Issues that the client or vendor does not recognize as vulnerabilities or has declined to address.
- NoReply Findings: Vulnerabilities awaiting client response.
Each advisory maintains a historical record of security research, clearly marking the status and resolution of each finding.
```
security-advisories/
├── README.md                      # This file
├── CVEs/                          # Public CVE advisories
│   ├── [CVE-2026-XXXXX] Title.md
│   └── ...
├── Disputed/                      # Disputed findings
│   └── ...
└── NoReply/                       # Unresponded findings
    └── ...
```
- CVEs/: Contains detailed markdown files for each public CVE, following a standardized format.
- Disputed/: Advisories for findings disputed by the vendor or client.
- NoReply/: Findings pending client response.
- Browse Advisories: Navigate to the relevant folder and open the markdown file.
- Search: Use GitHub's search to find specific CVEs or keywords.
- Reference: Cite advisories in reports or discussions using the CVE ID.
This repository is licensed under the MIT License. See LICENSE for more details.