Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,143
Maven
5,000+
npm
5,000+
NuGet
840
pip
4,439
Pub
12
RubyGems
990
Rust
1,174
Swift
50
Unreviewed advisories
All unreviewed
5,000+

11,870 advisories

Loading
A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the... Moderate Unreviewed
CVE-2026-3967 was published Mar 12, 2026
Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an... High Unreviewed
CVE-2026-30901 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Moderate Unreviewed
CVE-2026-21310 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Moderate Unreviewed
CVE-2026-21282 was published Mar 11, 2026
Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval Moderate
CVE-2026-31959 was published for github.com/anchore/quill (Go) Mar 11, 2026
Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may... High Unreviewed
CVE-2025-20027 was published Mar 11, 2026
Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms... High Unreviewed
CVE-2025-20064 was published Mar 11, 2026
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an... Moderate Unreviewed
CVE-2025-20096 was published Mar 11, 2026
Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference... High Unreviewed
CVE-2025-20068 was published Mar 11, 2026
Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms... High Unreviewed
CVE-2025-20105 was published Mar 11, 2026
In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2025-36920 was published Mar 10, 2026
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute... High Unreviewed
CVE-2026-26106 was published Mar 10, 2026
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to... High Unreviewed
CVE-2026-26121 was published Mar 10, 2026
Improper input validation in System Center Operations Manager allows an authorized attacker to... High Unreviewed
CVE-2026-20967 was published Mar 10, 2026
Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation High
CVE-2026-26308 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
botengyao Credited to botengyao, phlax, and agrawroh phlax phlax
agrawroh agrawroh
Envoy vulnerable to crash for scoped ip address during DNS Moderate
CVE-2026-26310 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
antoniovleonti Credited to antoniovleonti, agrawroh, botengyao, and phlax agrawroh agrawroh
botengyao botengyao phlax phlax
RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface Critical
CVE-2026-30960 was published for rssn (Rust) Mar 10, 2026
panayang Credited to panayang
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite... High Unreviewed
CVE-2026-3288 was published Mar 9, 2026
The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in... High Unreviewed
CVE-2025-14558 was published Mar 9, 2026
In nr modem, there is a possible system crash due to improper input validation. This could lead... High Unreviewed
CVE-2025-69278 was published Mar 9, 2026
In nr modem, there is a possible system crash due to improper input validation. This could lead... High Unreviewed
CVE-2025-69279 was published Mar 9, 2026
In nr modem, there is a possible system crash due to improper input validation. This could lead... High Unreviewed
CVE-2025-61616 was published Mar 9, 2026
In nr modem, there is a possible system crash due to improper input validation. This could lead... High Unreviewed
CVE-2025-61614 was published Mar 9, 2026
In nr modem, there is a possible system crash due to improper input validation. This could lead... High Unreviewed
CVE-2025-61615 was published Mar 9, 2026
Apache IoTDB has an Improper Input Validation vulnerability Critical
CVE-2026-24713 was published for org.apache.iotdb:iotdb-core (Maven) Mar 9, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database