GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+
129,432 advisories
Filter by severity
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27995
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27986
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27987
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27990
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27994
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27993
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-28021
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27997
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27992
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-28006
was published
Mar 5, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2026-27367
was published
Mar 5, 2026
Missing Authorization vulnerability in vanquish WooCommerce Order Details woocommerce-order...
High
Unreviewed
CVE-2026-27374
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27381
was published
Mar 5, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2026-27376
was published
Mar 5, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2026-27385
was published
Mar 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows...
High
Unreviewed
CVE-2026-27370
was published
Mar 5, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-27985
was published
Mar 5, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2026-27382
was published
Mar 5, 2026
Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting...
High
Unreviewed
CVE-2026-27396
was published
Mar 5, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2026-27428
was published
Mar 5, 2026
Deserialization of Untrusted Data vulnerability in NextScripts NextScripts social-networks-auto...
High
Unreviewed
CVE-2026-27379
was published
Mar 5, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2026-27373
was published
Mar 5, 2026
Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object...
High
Unreviewed
CVE-2026-27369
was published
Mar 5, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes...
High
Unreviewed
CVE-2026-27390
was published
Mar 5, 2026
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive...
High
Unreviewed
CVE-2026-27361
was published
Mar 5, 2026
ProTip!
Advisories are also available from the
GraphQL API