This version of GitHub Enterprise Server will be discontinued on 2026-08-25. Discontinued releases are not supported. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features in GitHub Enterprise Server, see Overview of the upgrade process. For help with the upgrade, GitHub Enterprise Support.
Concepts for vulnerability reporting and management
Learn core concepts relating to vulnerability reporting and management on GitHub.
GitHub Advisory database
The GitHub Advisory Database contains a list of known security vulnerabilities and malware, grouped in three categories: GitHub-reviewed advisories, unreviewed advisories, and malware advisories.
Global security advisories
Global security advisories are CVEs and GitHub-originated advisories affecting the open source world, located in the GitHub Advisory Database.