You can now programmatically view and act on repository advisories via a new REST API. New endpoints to create, view, list, and update advisories are available to all. Additionally, new webhooks have been introduced that will alert maintainers when advisories are published or when a private vulnerability report is submitted.
Current advisory permissions extend to API usage.