GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
288 advisories
Filter by severity
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers...
High
Unreviewed
CVE-2019-25718
was published
Jun 2, 2026
In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security...
High
Unreviewed
CVE-2026-0088
was published
Jun 2, 2026
Symfony's HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing
Moderate
CVE-2026-45064
was published
for
symfony/html-sanitizer
(Composer)
May 27, 2026
PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but...
Low
Unreviewed
CVE-2026-48851
was published
May 26, 2026
Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain...
Moderate
Unreviewed
CVE-2026-9078
was published
May 26, 2026
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a...
Moderate
Unreviewed
CVE-2026-9110
was published
May 20, 2026
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
High
Unreviewed
CVE-2026-8964
was published
May 19, 2026
Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a...
Moderate
Unreviewed
CVE-2026-8584
was published
May 14, 2026
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote...
Moderate
Unreviewed
CVE-2026-8561
was published
May 14, 2026
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed...
Moderate
Unreviewed
CVE-2026-8565
was published
May 14, 2026
Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168...
Moderate
Unreviewed
CVE-2026-8564
was published
May 14, 2026
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based)...
Moderate
Unreviewed
CVE-2026-42891
was published
May 12, 2026
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based)...
Moderate
Unreviewed
CVE-2026-40416
was published
May 12, 2026
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android...
Moderate
Unreviewed
CVE-2026-35429
was published
May 12, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is...
High
Unreviewed
CVE-2025-46311
was published
May 12, 2026
SAPUI5 (Search UI) allows an unauthenticated attacker to manipulate specific URL parameters on...
Moderate
Unreviewed
CVE-2026-34258
was published
May 12, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is...
High
Unreviewed
CVE-2026-28964
was published
May 11, 2026
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote...
Moderate
Unreviewed
CVE-2026-8015
was published
May 6, 2026
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an...
Moderate
Unreviewed
CVE-2026-8008
was published
May 6, 2026
Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a...
Moderate
Unreviewed
CVE-2026-8019
was published
May 6, 2026
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an...
Moderate
Unreviewed
CVE-2026-8006
was published
May 6, 2026
Inappropriate implementation in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote...
Moderate
Unreviewed
CVE-2026-7935
was published
May 6, 2026
Duplicate Advisory: uutils coreutils's User Interface (UI) Misrepresents Critical Information
Low
GHSA-53gr-wmf4-8hh3
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where...
Moderate
Unreviewed
CVE-2026-3861
was published
Apr 16, 2026
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2026-33118
was published
Apr 11, 2026
ProTip!
Advisories are also available from the
GraphQL API