diff --git a/lib/workers/repository/process/vulnerabilities.ts b/lib/workers/repository/process/vulnerabilities.ts
index 49fb8e637383d12c9b63a51de86a76e2abeed07e..76434db02bef26928fff9c6048da4ae22e71dbfe 100644
--- a/lib/workers/repository/process/vulnerabilities.ts
+++ b/lib/workers/repository/process/vulnerabilities.ts
@@ -15,6 +15,7 @@ import {
   VersioningApi,
   get as getVersioning,
 } from '../../../modules/versioning';
+import { find } from '../../../util/host-rules';
 import { sanitizeMarkdown } from '../../../util/markdown';
 import * as p from '../../../util/promises';
 import { regEx } from '../../../util/regex';
@@ -46,7 +47,13 @@ export class Vulnerabilities {
   private constructor() {}
 
   private async initialize(): Promise<void> {
-    this.osvOffline = await OsvOffline.create();
+    // hard-coded logic to use authentication for github.com based on the githubToken for api.github.com
+    const gitHubHostRule = find({
+      hostType: 'github',
+      url: 'https://api.github.com/',
+    });
+
+    this.osvOffline = await OsvOffline.create(gitHubHostRule?.token);
   }
 
   static async create(): Promise<Vulnerabilities> {