GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,948
Maven: 5,000+
npm: 5,000+
NuGet: 969
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,383
Swift: 56

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,174 advisories
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18...
Moderate | Unreviewed | CVE-2025-13874 was published May 14, 2026

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-7648 was published May 14, 2026

Insufficient ownership checks in `clientarea.php` allow an authenticated client area user to...
Critical | Unreviewed | CVE-2026-29204 was published May 12, 2026

An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send...
Moderate | Unreviewed | CVE-2023-30059 was published May 12, 2026

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS...
High | Unreviewed | CVE-2026-6001 was published May 12, 2026

HireFlow v1.2 is vulnerable to Incorrect Access Control. The application does not enforce object...
High | Unreviewed | CVE-2026-38568 was published May 11, 2026

In Meari IoT Cloud MQTT Broker deployments running EMQX 4.x, any authenticated low-privilege...
High | Unreviewed | CVE-2026-33356 was published May 11, 2026

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability...
High | Unreviewed | CVE-2026-44400 was published May 8, 2026

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist...
Moderate | Unreviewed | CVE-2026-27329 was published May 7, 2026

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote...
Moderate | Unreviewed | CVE-2026-20219 was published May 6, 2026

Dify before version 1.14.0 contains an authorization bypass vulnerability that allows...
Moderate | Unreviewed | CVE-2026-41950 was published May 5, 2026

The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate | Unreviewed | CVE-2026-3454 was published May 5, 2026

The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to,...
Moderate | Unreviewed | CVE-2026-2729 was published May 5, 2026

Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information...
High | Unreviewed | CVE-2026-41471 was published May 4, 2026

A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20...
Critical | Unreviewed | CVE-2026-29200 was published May 4, 2026

During the analysis, it was identified that authenticated attackers with Subscriber-level access...
Moderate | Unreviewed | CVE-2026-5337 was published May 3, 2026

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High | Unreviewed | CVE-2026-2554 was published May 2, 2026

School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing...
High | Unreviewed | CVE-2026-7491 was published May 2, 2026

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-7638 was published May 2, 2026

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction...
Moderate | Unreviewed | CVE-2026-6542 was published May 1, 2026

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view...
High | Unreviewed | CVE-2026-4503 was published Apr 30, 2026

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc...
High | Unreviewed | CVE-2026-7399 was published Apr 30, 2026

This vulnerability exists in e-Sushrut due to improper authorization checks during resource...
High | Unreviewed | CVE-2026-42516 was published Apr 29, 2026

This vulnerability exists in e-Sushrut due to improper access control in resource access...
High | Unreviewed | CVE-2026-42515 was published Apr 29, 2026

This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for...
High | Unreviewed | CVE-2026-42517 was published Apr 29, 2026
ProTip! Advisories are also available from the GraphQL API.