GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,051 advisories
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in...
Critical, Unreviewed
CVE-2026-43379 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC...
Critical, Unreviewed
CVE-2026-43384 was published May 8, 2026
Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via...
Critical, Unreviewed
CVE-2026-37431 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent...
Critical, Unreviewed
CVE-2026-43341 was published May 8, 2026
SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for...
Critical, Unreviewed
CVE-2026-44125 was published May 8, 2026
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code...
Critical, Unreviewed
CVE-2026-44128 was published May 8, 2026
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which...
Critical, Unreviewed
CVE-2026-44126 was published May 8, 2026
In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce...
Critical, Unreviewed
CVE-2026-43304 was published May 8, 2026
DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection...
Critical, Unreviewed
CVE-2022-50994 was published May 8, 2026
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to...
Critical, Unreviewed
CVE-2026-25199 was published May 8, 2026
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the...
Critical, Unreviewed
CVE-2026-8076 was published May 8, 2026
OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior...
Critical, Unreviewed
CVE-2026-8153 was published May 8, 2026
A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypass the...
Critical, Unreviewed
CVE-2026-6213 was published May 8, 2026
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores...
Critical, Unreviewed
CVE-2013-10075 was published May 8, 2026
1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE...
Critical, Unreviewed
CVE-2025-67887 was published May 8, 2026
Certain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in...
Critical, Unreviewed
CVE-2023-46453 was published May 8, 2026
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control...
Critical, Unreviewed
CVE-2025-69599 was published May 8, 2026
Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the...
Critical, Unreviewed
CVE-2025-69691 was published May 8, 2026
Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file...
Critical, Unreviewed
CVE-2025-69690 was published May 8, 2026
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized...
Critical, Unreviewed
CVE-2026-42826 was published May 8, 2026
The VerySecureApp made by DIVD using Mendix Studio Pro 11.8.0 Beta allows unintended data...
Critical, Unreviewed
CVE-2026-7891 was published May 8, 2026
Improper neutralization of special elements used in a command ('command injection') in Azure...
Critical, Unreviewed
CVE-2026-35428 was published May 8, 2026
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized...
Critical, Unreviewed
CVE-2026-33109 was published May 8, 2026
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information...
Critical, Unreviewed
CVE-2026-33823 was published May 8, 2026
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized...
Critical, Unreviewed
CVE-2026-33844 was published May 8, 2026
ProTip! Advisories are also available from the GraphQL API.