GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,257 advisories
Filter by severity
When creating an export of all reusable media, the secrets of connected
gift cards were included...
Low
Unreviewed
CVE-2026-11764
was published
Jun 9, 2026
Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows...
High
Unreviewed
CVE-2017-20245
was published
Jun 9, 2026
WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows...
High
Unreviewed
CVE-2017-20247
was published
Jun 9, 2026
Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows...
High
Unreviewed
CVE-2017-20244
was published
Jun 9, 2026
KittyCatfish 2.2 plugin for WordPress contains an SQL injection vulnerability that allows...
High
Unreviewed
CVE-2017-20246
was published
Jun 9, 2026
A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0...
High
Unreviewed
CVE-2026-2638
was published
Jun 9, 2026
WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that...
Critical
Unreviewed
CVE-2017-20251
was published
Jun 9, 2026
In the Linux kernel, the following vulnerability has been resolved:
Revert "mm/hugetlbfs: update...
Moderate
Unreviewed
CVE-2026-46318
was published
Jun 9, 2026
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Reassign...
High
Unreviewed
CVE-2026-46317
was published
Jun 9, 2026
Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated...
High
Unreviewed
CVE-2017-20250
was published
Jun 9, 2026
Apptha Slider Gallery 1.0 contains a path traversal vulnerability that allows unauthenticated...
High
Unreviewed
CVE-2017-20248
was published
Jun 9, 2026
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: vgic-its: Drop...
Critical
Unreviewed
CVE-2026-46316
was published
Jun 9, 2026
In the Linux kernel, the following vulnerability has been resolved:
tap: free page on error...
High
Unreviewed
CVE-2026-46320
was published
Jun 9, 2026
Simply Poll 1.4.1 plugin for WordPress contains an SQL injection vulnerability that allows...
High
Unreviewed
CVE-2016-20062
was published
Jun 9, 2026
Single Personal Message 1.0.3 contains an SQL injection vulnerability that allows authenticated...
High
Unreviewed
CVE-2016-20063
was published
Jun 9, 2026
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated...
Moderate
Unreviewed
CVE-2016-20064
was published
Jun 9, 2026
shell-quote quote() does not escape newlines in object .op values
Critical
CVE-2026-9277
was published
for
shell-quote
(npm)
Jun 9, 2026
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The...
High
Unreviewed
CVE-2026-46746
was published
Jun 9, 2026
A vulnerability has been identified in SIMATIC WinCC Unified PC Runtime V16 (All versions),...
High
Unreviewed
CVE-2026-24349
was published
Jun 9, 2026
A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include...
Moderate
Unreviewed
CVE-2026-52902
was published
Jun 9, 2026
A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 ...
Critical
Unreviewed
CVE-2026-41031
was published
Jun 9, 2026
SQL injection in the ‘two_steps_auth_code’ parameter processed by the ‘twoStepsAuthVerification’...
Critical
Unreviewed
CVE-2026-10731
was published
Jun 9, 2026
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User...
Moderate
Unreviewed
CVE-2026-4058
was published
Jun 9, 2026
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ...
Moderate
Unreviewed
CVE-2025-40808
was published
Jun 9, 2026
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1,...
Critical
Unreviewed
CVE-2025-10263
was published
Jun 9, 2026
ProTip!
Advisories are also available from the
GraphQL API