GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,196
Maven: 5,000+
npm: 5,000+
NuGet: 864
pip: 4,483
Pub: 12
RubyGems: 992
Rust: 1,186
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,403 advisories
A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function...
Moderate, Unreviewed: CVE-2026-2978 was published Feb 23, 2026

The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests...
Critical, Unreviewed: CVE-2026-21627 was published Feb 20, 2026

Improper access control in Microsoft Teams allows an unauthorized attacker to disclose...
High, Unreviewed: CVE-2026-21535 was published Feb 20, 2026

The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to authorization...
Moderate, Unreviewed: CVE-2025-12884 was published Feb 19, 2026

A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802...
Moderate, Unreviewed: CVE-2026-2684 was published Feb 19, 2026

A vulnerability was detected in huanzi-qch base-admin up to...
Moderate, Unreviewed: CVE-2026-2665 was published Feb 18, 2026

PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low...
High, Unreviewed: CVE-2025-70064 was published Feb 18, 2026

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated...
Moderate, Unreviewed: CVE-2023-38005 was published Feb 18, 2026

An authentication bypass in the application API allows an unauthorized administrative account to...
High, Unreviewed: CVE-2026-23595 was published Feb 17, 2026

The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access...
High, Unreviewed: CVE-2026-2592 was published Feb 17, 2026

A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function...
High, Unreviewed: CVE-2026-2550 was published Feb 16, 2026

LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low...
High, Unreviewed: CVE-2025-70866 was published Feb 14, 2026

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker...
Critical, Unreviewed: CVE-2025-69634 was published Feb 12, 2026

Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service...
High, Unreviewed: CVE-2026-23856 was published Feb 12, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26...
High, Unreviewed: CVE-2026-20628 was published Feb 12, 2026

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3...
Moderate, Unreviewed: CVE-2026-20638 was published Feb 12, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Low, Unreviewed: CVE-2026-20601 was published Feb 12, 2026

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A...
Low, Unreviewed: CVE-2026-20642 was published Feb 12, 2026

This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate, Unreviewed: CVE-2026-20603 was published Feb 12, 2026

Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft...
Critical, Unreviewed: CVE-2025-8025 was published Feb 11, 2026

Improper access control in secure encrypted virtualization (SEV) could allow a privileged...
Moderate, Unreviewed: CVE-2025-29939 was published Feb 10, 2026

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized...
High, Unreviewed: CVE-2026-21238 was published Feb 10, 2026

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security...
High, Unreviewed: CVE-2026-21255 was published Feb 10, 2026

On TP-Link Tapo C260 v1, a guest‑level authenticated user can bypass intended access restrictions...
High, Unreviewed: CVE-2026-0653 was published Feb 10, 2026

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of...
Moderate, Unreviewed: CVE-2026-2226 was published Feb 9, 2026
ProTip! Advisories are also available from the GraphQL API.