Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,624 advisories

Loading
An unsecured configuration interface on affected devices allows unauthenticated remote attackers... High Unreviewed
CVE-2026-3323 was published Apr 28, 2026
Penetration Testing engineers at Amazon have identified a security flaw related to request... High Unreviewed
CVE-2024-54013 was published Apr 28, 2026
CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI... High Unreviewed
CVE-2026-41473 was published Apr 24, 2026
bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection... Moderate Unreviewed
CVE-2026-42095 was published Apr 24, 2026
A client holding only a read JWT scope can still register itself as a signal provider through the... High Unreviewed
CVE-2026-6272 was published Apr 24, 2026
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and... Critical Unreviewed
CVE-2026-25775 was published Apr 24, 2026
A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of... High Unreviewed
CVE-2026-35064 was published Apr 24, 2026
A vulnerability exists in SenseLive X3050's web management interface that allows critical... Critical Unreviewed
CVE-2026-27843 was published Apr 24, 2026
A vulnerability in SenseLive X3050’s embedded management service allows full administrative... Critical Unreviewed
CVE-2026-40620 was published Apr 24, 2026
A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to... High Unreviewed
CVE-2026-6376 was published Apr 23, 2026
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 (other versions may be... Critical Unreviewed
CVE-2026-23751 was published Apr 23, 2026
Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the... High Unreviewed
CVE-2018-25259 was published Apr 22, 2026
Inadequate access control in the registration process in Fullstep V5, which could allow... High Unreviewed
CVE-2026-5749 was published Apr 22, 2026
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Moderate Unreviewed
CVE-2026-34289 was published Apr 21, 2026
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Moderate Unreviewed
CVE-2026-34288 was published Apr 21, 2026
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Critical Unreviewed
CVE-2026-34285 was published Apr 21, 2026
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Critical Unreviewed
CVE-2026-34286 was published Apr 21, 2026
Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite ... Critical Unreviewed
CVE-2026-34275 was published Apr 21, 2026
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2026-34280 was published Apr 21, 2026
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager... Critical Unreviewed
CVE-2026-34279 was published Apr 21, 2026
Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2026-34266 was published Apr 21, 2026
NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints... High Unreviewed
CVE-2026-24177 was published Apr 21, 2026
This vulnerability exists in Quantum Networks router due to improper access control and insecure... High Unreviewed
CVE-2026-41039 was published Apr 21, 2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0... High Unreviewed
CVE-2026-26944 was published Apr 20, 2026
An improper access control vulnerability in the canonical-livepatch snap client prior to version... Moderate Unreviewed
CVE-2026-6369 was published Apr 20, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database