GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,101
Composer 5,484
Erlang 47
GitHub Actions 48
Go 3,378
Maven 6,352
npm 5,450
NuGet 881
pip 4,573
Pub 13
RubyGems 1,013
Rust 1,205
Swift 51

Unreviewed advisories

All unreviewed 295,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,860 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file... Moderate Unreviewed

CVE-2026-29909 was published Mar 30, 2026

When sending invalid base64 SASL data, login process is disconnected from the auth server,... Moderate Unreviewed

CVE-2025-59028 was published Mar 27, 2026

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. This affects the... Moderate Unreviewed

CVE-2026-4860 was published Mar 26, 2026

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7... Moderate Unreviewed

CVE-2026-28852 was published Mar 25, 2026

A validation issue existed in the entitlement verification. This issue was addressed with... Moderate Unreviewed

CVE-2026-28821 was published Mar 25, 2026

This issue was addressed with improved input validation. This issue is fixed in iOS 26.3 and... Moderate Unreviewed

CVE-2026-20686 was published Mar 25, 2026

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of... Moderate Unreviewed

CVE-2026-4538 was published Mar 22, 2026

The Appmax plugin for WordPress is vulnerable to Improper Input Validation in all versions up to,... Moderate Unreviewed

CVE-2026-3641 was published Mar 21, 2026

The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2026-3460 was published Mar 21, 2026

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the... Moderate Unreviewed

CVE-2026-4438 was published Mar 20, 2026

The webbrowser.open() API would accept leading dashes in the URL which could be handled as... Moderate Unreviewed

CVE-2026-4519 was published Mar 20, 2026

Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox... Moderate Unreviewed

CVE-2026-33369 was published Mar 20, 2026

A cross-origin issue in the Navigation API was addressed with improved input validation. This... Moderate Unreviewed

CVE-2026-20643 was published Mar 18, 2026

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was... Moderate Unreviewed

CVE-2026-3644 was published Mar 16, 2026

in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input. Moderate Unreviewed

CVE-2025-6969 was published Mar 16, 2026

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation... Moderate Unreviewed

CVE-2025-10461 was published Mar 16, 2026

wpDiscuz before 7.6.47 contains an email header injection vulnerability that allows attackers to... Moderate Unreviewed

CVE-2026-22204 was published Mar 13, 2026

A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the... Moderate Unreviewed

CVE-2026-3967 was published Mar 12, 2026

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Moderate Unreviewed

CVE-2026-21310 was published Mar 11, 2026

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Moderate Unreviewed

CVE-2026-21282 was published Mar 11, 2026

Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an... Moderate Unreviewed

CVE-2025-20096 was published Mar 11, 2026

A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with... Moderate Unreviewed

CVE-2025-7375 was published Mar 5, 2026

Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the... Moderate Unreviewed

CVE-2025-41257 was published Mar 5, 2026

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD... Moderate Unreviewed

CVE-2026-20020 was published Mar 4, 2026

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580,... Moderate Unreviewed

CVE-2025-62816 was published Mar 3, 2026

Previous1…195 Next

Previous 1 2 3 4 5 … 194 195 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,860 advisories