- What: A study examined GitHub Security Advisories published between 2019 and 2025 and found that only a small percentage completed GitHub's review process.
- Impact: The majority of advisories remain unreviewed, potentially affecting the reliability of vulnerability information in open-source projects.
GitHub Security Advisories are used to distribute vulnerability information in open-source projects and security tools. A new study finds that only a portion of those advisories ever pass through GitHub’s formal review process. A large scale view of advisory data A review of GitHub Security Advisories published between 2019 and 2025 examined 288,604 advisories. Of those, 23,563, about 8%, completed GitHub’s review process. Although most advisories remain unreviewed, reviewed entries play an outsized role in … More → The post In GitHub’s advisory pipeline, some advisories move faster than others appeared first on Help Net Security .