Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

4,823 advisories

Loading
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32396 was published Mar 13, 2026
Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager... Moderate Unreviewed
CVE-2026-32394 was published Mar 13, 2026
Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32587 was published Mar 16, 2026
Missing Authorization vulnerability in Webnus Inc. Modern Events Calendar allows Exploiting... Moderate Unreviewed
CVE-2026-32583 was published Mar 16, 2026
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows... Moderate Unreviewed
CVE-2026-32373 was published Mar 13, 2026
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form... Moderate Unreviewed
CVE-2026-32385 was published Mar 13, 2026
Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32390 was published Mar 13, 2026
Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce.This issue affects... Moderate Unreviewed
CVE-2023-51692 was published Feb 28, 2024
The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is... Moderate Unreviewed
CVE-2026-2373 was published Mar 17, 2026
Missing Authorization vulnerability in Pluggabl Booster for WooCommerce allows Exploiting... Moderate Unreviewed
CVE-2026-32586 was published Mar 17, 2026
Mattermost allows a removed team member to enumerate all public channels within a private team Moderate
CVE-2026-2458 was published for github.com/mattermost/mattermost-server (Go) Mar 16, 2026
Mattermost fails to filter invite IDs based on user permissions Moderate
CVE-2026-2463 was published for github.com/mattermost/mattermost-server (Go) Mar 16, 2026
The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress... Moderate Unreviewed
CVE-2024-0372 was published Feb 6, 2024
The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress... Moderate Unreviewed
CVE-2024-0371 was published Feb 6, 2024
The Subscriptions for WooCommerce plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed
CVE-2026-1926 was published Mar 18, 2026
Missing Authorization vulnerability in WebberZone Contextual Related Posts allows Exploiting... Moderate Unreviewed
CVE-2026-32565 was published Mar 18, 2026
The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2026-2559 was published Mar 18, 2026
Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting... Moderate Unreviewed
CVE-2026-28070 was published Mar 19, 2026
Missing Authorization vulnerability in UiPress UiPress lite allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-27091 was published Mar 19, 2026
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary... Moderate Unreviewed
CVE-2026-3475 was published Mar 19, 2026
Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to... Moderate Unreviewed
CVE-2026-26939 was published Mar 19, 2026
Yoast Duplicate Post has an Authenticated (Contributor+) Missing Authorization to Arbitrary Post Duplication and Overwrite Moderate
CVE-2026-1217 was published for yoast/duplicate-post (Composer) Mar 18, 2026
ictbeheer Credited to ictbeheer
The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to,... Moderate Unreviewed
CVE-2026-3550 was published Mar 20, 2026
Admidio is Missing Authorization on Forum Topic and Post Deletion Moderate
CVE-2026-32818 was published for admidio/admidio (Composer) Mar 16, 2026
offset Credited to offset
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2026-3567 was published Mar 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database