Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

3,942 advisories

Loading
A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of... Moderate Unreviewed
CVE-2026-2226 was published Feb 9, 2026
A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this... Moderate Unreviewed
CVE-2026-2213 was published Feb 9, 2026
A security vulnerability has been detected in Great Developers Certificate Generation System up... Moderate Unreviewed
CVE-2026-2183 was published Feb 8, 2026
A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some... Moderate Unreviewed
CVE-2026-2164 was published Feb 8, 2026
A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the... Moderate Unreviewed
CVE-2026-2146 was published Feb 8, 2026
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown... Moderate Unreviewed
CVE-2026-2133 was published Feb 8, 2026
Gogs has authorization bypass in repository deletion API Moderate
CVE-2025-65852 was published for gogs.io/gogs (Go) Feb 6, 2026
Yannis175 Credited to Yannis175
Gophish is vulnerable to Incorrect Access Control Moderate
CVE-2025-70963 was published for github.com/gophish/gophish (Go) Feb 6, 2026
Azure Front Door Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2026-24300 was published Feb 6, 2026
Azure Arc Elevation of Privilege Vulnerability High Unreviewed
CVE-2026-24302 was published Feb 6, 2026
Unauthenticated Spree Commerce users can access all guest addresses High
CVE-2026-25758 was published for spree_api (RubyGems) Feb 5, 2026
p- Credited to p-
pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability High
CVE-2026-1707 was published for pgadmin4 (pip) Feb 5, 2026
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the... Critical Unreviewed
CVE-2025-68721 was published Feb 5, 2026
A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an... Moderate Unreviewed
CVE-2025-70997 was published Feb 4, 2026
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of... Moderate Unreviewed
CVE-2026-1813 was published Feb 4, 2026
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local... High Unreviewed
CVE-2025-60865 was published Feb 3, 2026
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins.... High Unreviewed
CVE-2020-37116 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program... Low Unreviewed
CVE-2025-6592 was published Feb 3, 2026
Lollms has an Improper Access Control vulnerability High
CVE-2026-1117 was published for lollms (pip) Feb 2, 2026
A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is... Moderate Unreviewed
CVE-2026-1742 was published Feb 2, 2026
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade... High Unreviewed
CVE-2025-7016 was published Jan 29, 2026
Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Improper Access... High Unreviewed
CVE-2025-46691 was published Jan 28, 2026
The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2026-0844 was published Jan 28, 2026
Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter) Moderate
CVE-2026-24473 was published for hono (npm) Jan 27, 2026
kilkat Credited to kilkat and JungJoonWoo JungJoonWoo JungJoonWoo
Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access High
CVE-2026-24740 was published for github.com/amir20/dozzle (Go) Jan 27, 2026
k14uz Credited to k14uz
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database