GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
164,149 advisories
Filter by severity
A flaw was found in the admin REST API of Keycloak, a solution for identity and access management...
Moderate
Unreviewed
CVE-2026-16106
was published
Jul 17, 2026
HCL DevOps Loop is affected by a Cross-Origin Resource Sharing (CORS) misconfiguration. Improper...
Moderate
Unreviewed
CVE-2026-21761
was published
Jul 17, 2026
A flaw was found in the authentication configuration endpoint of the keycloak-services component,...
Moderate
Unreviewed
CVE-2026-16104
was published
Jul 17, 2026
Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering...
Moderate
Unreviewed
CVE-2026-11763
was published
Jul 17, 2026
TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that...
Moderate
Unreviewed
CVE-2026-63098
was published
Jul 17, 2026
Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows...
Moderate
Unreviewed
CVE-2026-63096
was published
Jul 17, 2026
A denial of service vulnerability was identified in GitHub Enterprise Server that allowed an...
Moderate
Unreviewed
CVE-2026-15007
was published
Jul 17, 2026
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an...
Moderate
Unreviewed
CVE-2026-15783
was published
Jul 17, 2026
Dendrite through 0.13.8 contains an improper access control vulnerability in the syncapi /context...
Moderate
Unreviewed
CVE-2026-63097
was published
Jul 17, 2026
Skipper: Unbounded Request Body Read in Admission Webhook Causes Memory Exhaustion DoS
Moderate
CVE-2026-54247
was published
for
github.com/zalando/skipper
(Go)
Jul 17, 2026
vLLM: Speech-to-text upload size limit is enforced after full UploadFile read
Moderate
CVE-2026-55646
was published
for
vllm
(pip)
Jul 17, 2026
vLLM: Processing differential in multi-channel audio downmixing enables hidden-input/moderation bypass for audio models
Moderate
CVE-2026-34760
was published
for
vllm
(pip)
Jul 17, 2026
A flaw was found in the keycloak-services component of Red Hat Build of Keycloak. The issue...
Moderate
Unreviewed
CVE-2026-16089
was published
Jul 17, 2026
Missing support for integrity check vulnerability in ABB KNX Update Tool (ABB), ABB KNX Update...
Moderate
Unreviewed
CVE-2026-12705
was published
Jul 17, 2026
Incorrect access control in Proxmox Virtual Environment (PVE) 9.x qemu-server before 9.1.8 and 8...
Moderate
Unreviewed
CVE-2026-51083
was published
Jul 17, 2026
A cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment (PVE) 9.x 5.1.8 and...
Moderate
Unreviewed
CVE-2026-51081
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attack since the application does not have an appropriate...
Moderate
Unreviewed
CVE-2024-23571
was published
Jul 17, 2026
HCL Aftermarket EPC is affected by Sensitive Information in GET method & in URL which allows...
Moderate
Unreviewed
CVE-2024-23567
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attacks since the server software version used by the...
Moderate
Unreviewed
CVE-2024-23568
was published
Jul 17, 2026
HCL Aftermarket EPC is affected by clickjacking vulnerability Cross-Frame Scripting is an attack...
Moderate
Unreviewed
CVE-2024-23570
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to email flooding as the application does not have a proper...
Moderate
Unreviewed
CVE-2024-23565
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attack since It was found that a malicious actor can use...
Moderate
Unreviewed
CVE-2024-23574
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST...
Moderate
Unreviewed
CVE-2024-23577
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attack since the application returns detailed error messages...
Moderate
Unreviewed
CVE-2024-23575
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attack since HTTP OPTIONS method is enabled on this web...
Moderate
Unreviewed
CVE-2024-42214
was published
Jul 17, 2026
ProTip!
Advisories are also available from the
GraphQL API