Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

6,660 advisories

Loading
Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting... Moderate Unreviewed
CVE-2026-32331 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme JobScout jobscout allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32334 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32332 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Advanced Related Posts advanced-related-posts... Moderate Unreviewed
CVE-2026-32329 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing... Moderate Unreviewed
CVE-2026-32338 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Preschool and Kindergarten preschool-and... Moderate Unreviewed
CVE-2026-32337 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme The Conference the-conference allows Exploiting... Moderate Unreviewed
CVE-2026-32335 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Business One Page business-one-page allows... Moderate Unreviewed
CVE-2026-32340 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Bakes And Cakes bakes-and-cakes allows... Moderate Unreviewed
CVE-2026-32339 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting... Moderate Unreviewed
CVE-2026-32341 was published Mar 13, 2026
wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows... High Unreviewed
CVE-2026-22182 was published Mar 13, 2026
OpenClaw: WebSocket shared-auth connections could self-declare elevated scopes Critical
GHSA-rqpp-rjj8-7wv8 was published for openclaw (npm) Mar 13, 2026
LUOYEcode Credited to LUOYEcode
OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions Moderate
GHSA-8jhh-jcqg-mj5p was published for openclaw (npm) Mar 13, 2026
tdjackey Credited to tdjackey
A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could... Moderate Unreviewed
CVE-2026-28254 was published Mar 12, 2026
Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page Moderate
CVE-2026-32230 was published for uptime-kuma (npm) Mar 12, 2026
kuranikaran Credited to kuranikaran
The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint,... Moderate Unreviewed
CVE-2025-15473 was published Mar 12, 2026
A security vulnerability has been detected in projectsend up to r1945. The affected element is an... Moderate Unreviewed
CVE-2026-3977 was published Mar 12, 2026
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email... Moderate Unreviewed
CVE-2026-3226 was published Mar 12, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8... Low Unreviewed
CVE-2025-12704 was published Mar 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18... Moderate Unreviewed
CVE-2026-1663 was published Mar 11, 2026
WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes... Moderate Unreviewed
CVE-2026-3906 was published Mar 11, 2026
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed
CVE-2026-1781 was published Mar 11, 2026
Parse Server: Classes `_GraphQLConfig` and `_Audience` master key bypass via generic class routes High
CVE-2026-31800 was published for parse-server (npm) Mar 11, 2026
theinfosecguy Credited to theinfosecguy and mtrezza mtrezza mtrezza
Sylius is Missing Authorization in API v2 Add Item Endpoint Moderate
CVE-2026-31821 was published for sylius/sylius (Composer) Mar 11, 2026
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2026-3582 was published Mar 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database