GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,362
Composer 5,942
Erlang 70
GitHub Actions 52
Go 3,967
Maven 6,619
npm 6,387
NuGet 973
pip 5,262
Pub 13
RubyGems 1,064
Rust 1,387
Swift 56

Unreviewed advisories

All unreviewed 306,485

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,624 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for... Moderate Unreviewed

CVE-2026-32962 was published Apr 20, 2026

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for... Moderate Unreviewed

CVE-2026-32957 was published Apr 20, 2026

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted ... Critical Unreviewed

CVE-2026-35546 was published Apr 17, 2026

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug ... High Unreviewed

CVE-2026-40461 was published Apr 17, 2026

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability,... Critical Unreviewed

CVE-2026-6348 was published Apr 16, 2026

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows... High Unreviewed

CVE-2026-26160 was published Apr 14, 2026

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows... High Unreviewed

CVE-2026-26159 was published Apr 14, 2026

A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7... Moderate Unreviewed

CVE-2025-53847 was published Apr 14, 2026

This vulnerability exists in the Atom 3x Projector due to improper exposure of the Android Debug... High Unreviewed

CVE-2026-5777 was published Apr 10, 2026

A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators ... High Unreviewed

CVE-2026-33788 was published Apr 10, 2026

A low-privileged remote attacker can send Modbus packets to manipulate register values that are... High Unreviewed

CVE-2026-4436 was published Apr 9, 2026

Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows unauthenticated... Moderate Unreviewed

CVE-2026-5300 was published Apr 8, 2026

Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code... Critical Unreviewed

CVE-2026-22679 was published Apr 7, 2026

The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that... Moderate Unreviewed

CVE-2026-1900 was published Apr 7, 2026

Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows... High Unreviewed

CVE-2026-4272 was published Apr 6, 2026

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows... High Unreviewed

CVE-2019-25686 was published Apr 5, 2026

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that... High Unreviewed

CVE-2019-25678 was published Apr 5, 2026

Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers... High Unreviewed

CVE-2018-25246 was published Apr 4, 2026

Microsoft VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows... High Unreviewed

CVE-2018-25241 was published Apr 4, 2026

A specific administrative endpoint notifications is accessible without proper authentication. Moderate Unreviewed

CVE-2026-28767 was published Apr 3, 2026

A specific administrative endpoint is accessible without proper authentication, exposing device... High Unreviewed

CVE-2026-32646 was published Apr 3, 2026

A specific endpoint exposes all user account information for registered Gardyn users without... Critical Unreviewed

CVE-2026-28766 was published Apr 3, 2026

Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker... Critical Unreviewed

CVE-2026-32211 was published Apr 3, 2026

HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows... Critical Unreviewed

CVE-2025-15620 was published Apr 2, 2026

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's... Moderate Unreviewed

CVE-2026-29132 was published Apr 2, 2026

Previous 1…4…65 Next

Previous 1 2 3 4 5 6 … 64 65 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,624 advisories