GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,996
Composer 5,462
Erlang 46
GitHub Actions 48
Go 3,359
Maven 6,349
npm 5,410
NuGet 881
pip 4,554
Pub 12
RubyGems 1,013
Rust 1,205
Swift 51

Unreviewed advisories

All unreviewed 295,661

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,765 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Missing Authorization vulnerability in UX-themes Flatsome flatsome allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2026-31915 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Rara Business rara-business allows Exploiting... Moderate Unreviewed

CVE-2026-32336 was published Mar 13, 2026

Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting... Moderate Unreviewed

CVE-2026-32331 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Business One Page business-one-page allows... Moderate Unreviewed

CVE-2026-32340 was published Mar 13, 2026

The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all... High Unreviewed

CVE-2026-2890 was published Mar 13, 2026

Missing Authorization vulnerability in Ays Pro Advanced Related Posts advanced-related-posts... Moderate Unreviewed

CVE-2026-32329 was published Mar 13, 2026

Missing Authorization vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons... Moderate Unreviewed

CVE-2026-31919 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Preschool and Kindergarten preschool-and... Moderate Unreviewed

CVE-2026-32337 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme The Conference the-conference allows Exploiting... Moderate Unreviewed

CVE-2026-32335 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme JobScout jobscout allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2026-32334 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Bakes And Cakes bakes-and-cakes allows... Moderate Unreviewed

CVE-2026-32339 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing... Moderate Unreviewed

CVE-2026-32338 was published Mar 13, 2026

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2026-32332 was published Mar 13, 2026

Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting... Moderate Unreviewed

CVE-2026-32341 was published Mar 13, 2026

wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows... High Unreviewed

CVE-2026-22182 was published Mar 13, 2026

OpenClaw: WebSocket shared-auth connections could self-declare elevated scopes Critical

CVE-2026-22172 was published for openclaw (npm) Mar 13, 2026

Credited to LUOYEcode

OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions Moderate

GHSA-8jhh-jcqg-mj5p was published for openclaw (npm) Mar 13, 2026

Credited to tdjackey

A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could... Moderate Unreviewed

CVE-2026-28254 was published Mar 12, 2026

Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page Moderate

CVE-2026-32230 was published for uptime-kuma (npm) Mar 12, 2026

Credited to kuranikaran

The Timetics WordPress plugin before 1.0.52 does not have authorization in a REST endpoint,... Moderate Unreviewed

CVE-2025-15473 was published Mar 12, 2026

A security vulnerability has been detected in projectsend up to r1945. The affected element is an... Moderate Unreviewed

CVE-2026-3977 was published Mar 12, 2026

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email... Moderate Unreviewed

CVE-2026-3226 was published Mar 12, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18... Moderate Unreviewed

CVE-2026-1663 was published Mar 11, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8... Low Unreviewed

CVE-2025-12704 was published Mar 11, 2026

WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes... Moderate Unreviewed

CVE-2026-3906 was published Mar 11, 2026

Previous 1…9…271 Next

Previous 1 2 … 7 8 9 10 11 … 270 271 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,765 advisories