Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

4,852 advisories

Loading
Missing Authorization vulnerability in raratheme The Conference the-conference allows Exploiting... Moderate Unreviewed
CVE-2026-32335 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme JobScout jobscout allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32334 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Bakes And Cakes bakes-and-cakes allows... Moderate Unreviewed
CVE-2026-32339 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing... Moderate Unreviewed
CVE-2026-32338 was published Mar 13, 2026
Missing Authorization vulnerability in UX-themes Flatsome flatsome allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-31915 was published Mar 13, 2026
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode... Moderate Unreviewed
CVE-2026-31916 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Rara Business rara-business allows Exploiting... Moderate Unreviewed
CVE-2026-32336 was published Mar 13, 2026
Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting... Moderate Unreviewed
CVE-2026-32331 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Business One Page business-one-page allows... Moderate Unreviewed
CVE-2026-32340 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Advanced Related Posts advanced-related-posts... Moderate Unreviewed
CVE-2026-32329 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting... Moderate Unreviewed
CVE-2026-32341 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32332 was published Mar 13, 2026
OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions Moderate
GHSA-8jhh-jcqg-mj5p was published for openclaw (npm) Mar 13, 2026
tdjackey Credited to tdjackey
A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could... Moderate Unreviewed
CVE-2026-28254 was published Mar 12, 2026
Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page Moderate
CVE-2026-32230 was published for uptime-kuma (npm) Mar 12, 2026
kuranikaran Credited to kuranikaran
The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint,... Moderate Unreviewed
CVE-2025-15473 was published Mar 12, 2026
A security vulnerability has been detected in projectsend up to r1945. The affected element is an... Moderate Unreviewed
CVE-2026-3977 was published Mar 12, 2026
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email... Moderate Unreviewed
CVE-2026-3226 was published Mar 12, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18... Moderate Unreviewed
CVE-2026-1663 was published Mar 11, 2026
WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes... Moderate Unreviewed
CVE-2026-3906 was published Mar 11, 2026
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in... Moderate Unreviewed
CVE-2026-1781 was published Mar 11, 2026
Sylius is Missing Authorization in API v2 Add Item Endpoint Moderate
CVE-2026-31821 was published for sylius/sylius (Composer) Mar 11, 2026
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2026-3582 was published Mar 10, 2026
Due to a Missing Authorization Check in SAP Business Warehouse (Service API), an authenticated... Moderate Unreviewed
CVE-2026-27686 was published Mar 10, 2026
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an... Moderate Unreviewed
CVE-2026-27688 was published Mar 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database