GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,940 advisories
An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8....
Moderate, Unreviewed
CVE-2025-69727 was published on Mar 16, 2026

Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace
High
CVE-2026-32769 was published for github.com/ctfer-io/fullchain (Go) on Mar 16, 2026

Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
High
CVE-2026-32737 was published for github.com/ctfer-io/romeo/environment/deploy (Go) on Mar 16, 2026

Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
High
CVE-2026-32768 was published for github.com/ctfer-io/chall-manager/deploy (Go) on Mar 16, 2026

File Browser Signup Grants Admin When Default Permissions Include Admin
Critical
CVE-2026-32760 was published for github.com/filebrowser/filebrowser/v2 (Go) on Mar 16, 2026

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an...
Moderate, Unreviewed
CVE-2026-4221 was published on Mar 16, 2026

A vulnerability has been found in Technologies Integrated Management Platform 7.17.0. Affected by...
Moderate, Unreviewed
CVE-2026-4220 was published on Mar 16, 2026

A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393...
Moderate, Unreviewed
CVE-2026-4201 was published on Mar 16, 2026

A flaw has been found in JawherKl node-api-postgres up to 2.5. Affected is the function path...
Moderate, Unreviewed
CVE-2026-4191 was published on Mar 16, 2026

Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the...
Moderate, Unreviewed
CVE-2026-3111 was published on Mar 16, 2026

Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the...
High, Unreviewed
CVE-2026-3110 was published on Mar 16, 2026

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or...
Moderate, Unreviewed
CVE-2026-0977 was published on Mar 16, 2026

github.com/ctfer-io/monitoring Vulnerable to Improper Access Control
High
CVE-2026-32720 was published for github.com/ctfer-io/monitoring (Go) on Mar 13, 2026

OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists
Moderate
GHSA-9vvh-2768-c8vp was published for openclaw (npm) on Mar 13, 2026

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on...
Critical, Unreviewed
CVE-2026-21667 was published on Mar 12, 2026

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on...
Critical, Unreviewed
CVE-2026-21666 was published on Mar 12, 2026

OliveTin Vulnerable to Unauthorized Action Output Disclosure via EventStream
High
CVE-2026-32102 was published for github.com/OliveTin/OliveTin (Go) on Mar 12, 2026

Winter vulnerable to privilege escalation by authenticated backend users
Critical
CVE-2026-27591 was published for winter/wn-backend-module (Composer) on Mar 12, 2026

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed
CVE-2026-3934 was published on Mar 12, 2026

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote...
Moderate, Unreviewed
CVE-2026-3939 was published on Mar 12, 2026

Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed...
High, Unreviewed
CVE-2026-3932 was published on Mar 12, 2026

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed
CVE-2026-3940 was published on Mar 12, 2026

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed
CVE-2026-3938 was published on Mar 12, 2026

Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0...
Critical, Unreviewed
CVE-2025-66956 was published on Mar 11, 2026

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access...
Low, Unreviewed
CVE-2026-24509 was published on Mar 11, 2026
ProTip! Advisories are also available from the GraphQL API.