github.com/cli/cli/v2 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-48501Highgithub.com/cli/cli/v2: GitHub CLI has an incorrect authorization header in API requests to TUF repository mirrors via `gh attestation`, `gh release verify`, and…CVE-2026-45803Lowgithub.com/cli/cli/v2: GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injectionCVE-2025-25204Mediumgithub.com/cli/cli/v2: `gh attestation verify` returns incorrect exit code during verification if no attestations are presentCVE-2024-54132Mediumgithub.com/cli/cli/v2: Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerabilityCVE-2024-53858Mediumgithub.com/cli/cli/v2: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hostsCVE-2024-52308Highgithub.com/cli/cli/v2: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

Stop the waste.
Protect your environment with Kodem.