GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 70; GitHub Actions 52; Go 3,948; Maven 5,000+; npm 5,000+; NuGet 969; pip 5,000+; Pub 13; RubyGems 1,062; Rust 1,383; Swift 56
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,174 advisories
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18...
Moderate | Unreviewed | CVE-2026-2104 was published Apr 9, 2026
Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2026-5875 was published Apr 9, 2026
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with...
High | Unreviewed | CVE-2026-32589 was published Apr 8, 2026
Wimi Teamwork On-Premises versions prior to 8.2.0 contain an insecure direct object reference...
Moderate | Unreviewed | CVE-2026-35023 was published Apr 8, 2026
Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments...
Moderate | Unreviewed | CVE-2026-39616 was published Apr 8, 2026
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery...
Low | Unreviewed | CVE-2026-39510 was published Apr 8, 2026
Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream...
Moderate | Unreviewed | CVE-2026-39526 was published Apr 8, 2026
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2026-4654 was published Apr 8, 2026
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2026-4330 was published Apr 8, 2026
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-5167 was published Apr 8, 2026
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2026-5465 was published Apr 7, 2026
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High | Unreviewed | CVE-2026-4896 was published Apr 4, 2026
A specific endpoint allows authenticated users to pivot to other user profiles by modifying the...
Critical | Unreviewed | CVE-2026-25197 was published Apr 3, 2026
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel...
High | Unreviewed | CVE-2026-32976 was published Mar 31, 2026
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor...
Moderate | Unreviewed | CVE-2026-3139 was published Mar 31, 2026
Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot Millie chat that allows...
High | Unreviewed | CVE-2026-4400 was published Mar 31, 2026
A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1...
High | Unreviewed | CVE-2026-3321 was published Mar 30, 2026
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
High | Unreviewed | CVE-2026-3124 was published Mar 30, 2026
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for...
Critical | Unreviewed | CVE-2026-1496 was published Mar 27, 2026
The Elementor Website Builder plugin for WordPress is vulnerable to Incorrect Authorization to...
Moderate | Unreviewed | CVE-2026-1206 was published Mar 26, 2026
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct...
Moderate | Unreviewed | CVE-2025-14974 was published Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint...
Moderate | Unreviewed | CVE-2026-32533 was published Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support...
Moderate | Unreviewed | CVE-2026-32535 was published Mar 25, 2026
Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege...
Moderate | Unreviewed | CVE-2026-2414 was published Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription...
High | Unreviewed | CVE-2025-69347 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API.