GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,051 advisories
In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get...
Critical, Unreviewed. CVE-2026-43117 was published May 6, 2026.

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and...
Critical, Unreviewed. CVE-2026-43083 was published May 6, 2026.

Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp...
Critical, Unreviewed. CVE-2026-28780 was published May 6, 2026.

Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user...
Critical, Unreviewed. CVE-2026-38428 was published May 5, 2026.

OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature...
Critical, Unreviewed. CVE-2026-38429 was published May 5, 2026.

ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection (SSTI). An attacker...
Critical, Unreviewed. CVE-2026-38431 was published May 5, 2026.

In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when...
Critical, Unreviewed. CVE-2026-43067 was published May 5, 2026.

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal...
Critical, Unreviewed. CVE-2026-43071 was published May 5, 2026.

An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0...
Critical, Unreviewed. CVE-2026-34408 was published May 5, 2026.

The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD...
Critical, Unreviewed. CVE-2026-36356 was published May 5, 2026.

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in...
Critical, Unreviewed. CVE-2023-54342 was published May 5, 2026.

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows...
Critical, Unreviewed. CVE-2023-54344 was published May 5, 2026.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2026-40797 was published May 5, 2026.

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and...
Critical, Unreviewed. CVE-2026-5294 was published May 5, 2026.

The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions...
Critical, Unreviewed. CVE-2026-5722 was published May 5, 2026.

The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
Critical, Unreviewed. CVE-2025-13618 was published May 5, 2026.

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection...
Critical, Unreviewed. CVE-2026-41925 was published May 4, 2026.

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection...
Critical, Unreviewed. CVE-2026-41922 was published May 4, 2026.

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection...
Critical, Unreviewed. CVE-2026-41926 was published May 4, 2026.

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection...
Critical, Unreviewed. CVE-2026-41924 was published May 4, 2026.

WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection...
Critical, Unreviewed. CVE-2026-41923 was published May 4, 2026.

Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the ...
Critical, Unreviewed. CVE-2026-42796 was published May 4, 2026.

D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The...
Critical, Unreviewed. CVE-2026-42376 was published May 4, 2026.

D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The...
Critical, Unreviewed. CVE-2026-42374 was published May 4, 2026.

D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The...
Critical, Unreviewed. CVE-2026-42373 was published May 4, 2026.

ProTip! Advisories are also available from the GraphQL API.