GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
164,149 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2026-34890
was published
Apr 2, 2026
Keycloak: Replay of action tokens via improper handling of single-use entries
Moderate
CVE-2026-4325
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 2, 2026
A vulnerability was determined in OpenCart 4.1.0.3. This affects an unknown part of the file...
Moderate
Unreviewed
CVE-2026-5331
was published
Apr 2, 2026
A weakness has been identified in shsuishang modulithshop up to...
Moderate
Unreviewed
CVE-2026-5328
was published
Apr 2, 2026
An unauthenticated remote attacker can access a configuration file containing database...
Moderate
Unreviewed
CVE-2026-33617
was published
Apr 2, 2026
A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function...
Moderate
Unreviewed
CVE-2026-5246
was published
Apr 2, 2026
A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an...
Moderate
Unreviewed
CVE-2026-5326
was published
Apr 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix constant blinding...
Moderate
Unreviewed
CVE-2026-23417
was published
Apr 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
mm/mseal: update VMA end...
Moderate
Unreviewed
CVE-2026-23416
was published
Apr 2, 2026
In the Linux kernel, the following vulnerability has been resolved:
tls: Purge async_hold in...
Moderate
Unreviewed
CVE-2026-23414
was published
Apr 2, 2026
A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function...
Moderate
Unreviewed
CVE-2026-5245
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA...
Moderate
Unreviewed
CVE-2026-29134
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted...
Moderate
Unreviewed
CVE-2026-29138
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted...
Moderate
Unreviewed
CVE-2026-29142
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted...
Moderate
Unreviewed
CVE-2026-29131
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from...
Moderate
Unreviewed
CVE-2026-29137
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into...
Moderate
Unreviewed
CVE-2026-29136
was published
Apr 2, 2026
A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function...
Moderate
Unreviewed
CVE-2026-5244
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag...
Moderate
Unreviewed
CVE-2026-29135
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with...
Moderate
Unreviewed
CVE-2026-29133
was published
Apr 2, 2026
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's...
Moderate
Unreviewed
CVE-2026-29132
was published
Apr 2, 2026
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Moderate
Unreviewed
CVE-2026-0688
was published
Apr 2, 2026
A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1...
Moderate
Unreviewed
CVE-2026-5325
was published
Apr 2, 2026
A vulnerability has been found in AlejandroArciniegas mcp-data-vis...
Moderate
Unreviewed
CVE-2026-5322
was published
Apr 2, 2026
A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown...
Moderate
Unreviewed
CVE-2026-5321
was published
Apr 2, 2026
ProTip!
Advisories are also available from the
GraphQL API