Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

10,344 advisories

Loading
The Context Blog theme for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2025-12074 was published Feb 18, 2026
OpenClaw skills.status could leak secrets to operator.read clients Moderate
CVE-2026-26326 was published for openclaw (npm) Feb 17, 2026
simecek Credited to simecek and stanislavfortaisle stanislavfortaisle stanislavfortaisle
Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could... Moderate Unreviewed
CVE-2026-23597 was published Feb 17, 2026
An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to... Moderate Unreviewed
CVE-2025-70829 was published Feb 17, 2026
Mattermost fails to sanitize sensitive data in WebSocket messages Moderate
CVE-2025-13821 was published for github.com/mattermost/mattermost-server (Go) Feb 16, 2026
The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2025-13973 was published Feb 14, 2026
Known affected by Account Takeover via Password Reset Token Leakage Critical
CVE-2026-26273 was published for idno/known (Composer) Feb 13, 2026
IamLeandrooooo Credited to IamLeandrooooo
Public dashboards with annotations enabled did not limit their annotation timerange to the locked... Moderate Unreviewed
CVE-2026-21722 was published Feb 12, 2026
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2026-20681 was published Feb 12, 2026
An authorization issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed
CVE-2026-20678 was published Feb 12, 2026
An authorization issue was addressed with improved state management. This issue is fixed in macOS... Moderate Unreviewed
CVE-2026-20662 was published Feb 12, 2026
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and... Moderate Unreviewed
CVE-2026-20674 was published Feb 12, 2026
A logic issue was addressed with improved state management. This issue is fixed in iOS 26.3 and... Moderate Unreviewed
CVE-2026-20682 was published Feb 12, 2026
The issue was addressed with additional restrictions on the observability of app states. This... Moderate Unreviewed
CVE-2026-20680 was published Feb 12, 2026
A privacy issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4,... Moderate Unreviewed
CVE-2026-20612 was published Feb 12, 2026
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3... High Unreviewed
CVE-2026-20606 was published Feb 12, 2026
This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3.... Moderate Unreviewed
CVE-2026-20647 was published Feb 12, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2026-20619 was published Feb 12, 2026
A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26... High Unreviewed
CVE-2026-20641 was published Feb 12, 2026
A privacy issue was addressed by moving sensitive data to a protected location. This issue is... Moderate Unreviewed
CVE-2026-20648 was published Feb 12, 2026
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Moderate Unreviewed
CVE-2026-20623 was published Feb 12, 2026
Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a... Moderate Unreviewed
CVE-2026-2317 was published Feb 11, 2026
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted... High Unreviewed
CVE-2024-26477 was published Feb 11, 2026
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted... Moderate Unreviewed
CVE-2024-26479 was published Feb 11, 2026
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted... Moderate Unreviewed
CVE-2024-26478 was published Feb 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database