GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 74
GitHub Actions: 54
Go: 4,134
Maven: 5,000+
npm: 5,000+
NuGet: 1,013
pip: 5,000+
Pub: 13
RubyGems: 1,095
Rust: 1,419
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
4,889 advisories
Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in...
Low | Unreviewed | CVE-2026-57522 was published Jun 25, 2026

Snipe-IT API Vulnerable to Cross-Tenant Accessory Injection
High | CVE-2026-54329 was published for snipe/snipe-it (Composer) Jun 23, 2026

When using the "configparser" module to write configuration files containing multi-line text...
Moderate | Unreviewed | CVE-2026-0864 was published Jun 23, 2026

OpenAM has LDAP Injection via `_queryId` Parameter
High | CVE-2026-41573 was published for org.openidentityplatform.openam:openam-core-rest (Maven) Jun 22, 2026

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown...
Low | Unreviewed | CVE-2026-12822 was published Jun 22, 2026

A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function...
Low | Unreviewed | CVE-2026-12809 was published Jun 22, 2026

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability...
Low | Unreviewed | CVE-2026-12810 was published Jun 22, 2026

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This...
Low | Unreviewed | CVE-2026-12812 was published Jun 22, 2026

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of...
Low | Unreviewed | CVE-2026-12808 was published Jun 21, 2026

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the...
Low | Unreviewed | CVE-2026-12807 was published Jun 21, 2026

A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the...
Low | Unreviewed | CVE-2026-12789 was published Jun 21, 2026

A vulnerability was detected in Montodel House-Rental-Management up to...
Moderate | Unreviewed | CVE-2026-12775 was published Jun 21, 2026

A flaw has been found in Montodel House-Rental-Management up to...
Low | Unreviewed | CVE-2026-12776 was published Jun 21, 2026

containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull
High | CVE-2026-53488 was published for github.com/containerd/containerd (Go) Jun 19, 2026

canto-saas-api: Authenticated API requests can be redirected via unencoded path variables
Moderate | CVE-2026-55374 was published for jleehr/canto-saas-api (Composer) Jun 19, 2026

opentelemetry-collector-contrib sentryexporter: Path traversal in Sentry exporter via attacker-controlled service.name reaches privileged Sentry API endpoints with operator bearer token
Moderate | CVE-2026-47256 was published for github.com/open-telemetry/opentelemetry-collector-contrib/exporter/sentryexporter (Go) Jun 18, 2026

Heimdall: Forwarded Header Injection via Unsanitized Host Header in Proxy Mode
High | GHSA-4jgr-pg2m-m988 was published for github.com/dadrus/heimdall (Go) Jun 18, 2026

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an...
High | Unreviewed | CVE-2026-50107 was published Jun 17, 2026

A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could...
Moderate | Unreviewed | CVE-2026-20220 was published Jun 17, 2026

yt-dlp: Arbitrary code execution via manifest downloads with aria2c
High | CVE-2026-50574 was published for yt-dlp (pip) Jun 16, 2026

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability...
Low | Unreviewed | CVE-2026-12223 was published Jun 15, 2026

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function...
Low | Unreviewed | CVE-2026-12219 was published Jun 15, 2026

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit:...
Low | Unreviewed | CVE-2026-12206 was published Jun 15, 2026

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the...
High | Unreviewed | CVE-2026-12197 was published Jun 15, 2026

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this...
High | Unreviewed | CVE-2026-12187 was published Jun 15, 2026

ProTip! Advisories are also available from the GraphQL API.