GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,096 advisories
Broken Access Control in extension "Redirect Tab" (redirect_tab)
Low • CVE-2026-4202 was published for ayacoo/redirect-tab (Composer) • Mar 17, 2026

Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability
Low • CVE-2026-32266 was published for craftcms/google-cloud (Composer) • Mar 16, 2026

HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature....
Low • Unreviewed • CVE-2025-52649 was published • Mar 16, 2026

A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is an unknown...
Low • Unreviewed • CVE-2026-4218 was published • Mar 16, 2026

Withdrawn Advisory: Shescape has possible misidentification of shell due to link chains
Low • CVE-2026-30916 was published for shescape (npm) • Mar 7, 2026 • withdrawn

Dark Reader gives users the ability to request style sheets from local web servers
Low • CVE-2025-68467 was published for darkreader (npm) • Mar 4, 2026

Apache Superset allows authenticated users to view sensitive data without explicit permissions
Low • CVE-2026-23983 was published for apache-superset (pip) • Feb 24, 2026

uTLS has a fingerprint vulnerability from missing padding extension for Chrome 120
Low • CVE-2026-26995 was published for github.com/refraction-networking/utls (Go) • Feb 18, 2026

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud...
Low • Unreviewed • CVE-2026-20137 was published • Feb 18, 2026

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Low • Unreviewed • CVE-2026-1582 was published • Feb 18, 2026

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low • Unreviewed • CVE-2026-20681 was published • Feb 12, 2026

A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow...
Low • Unreviewed • CVE-2026-20730 was published • Feb 4, 2026

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header...
Low • Unreviewed • CVE-2025-52631 was published • Feb 3, 2026

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation...
Low • Unreviewed • CVE-2025-61639 was published • Feb 3, 2026

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
Low • Unreviewed • CVE-2025-6593 was published • Feb 3, 2026

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6...
Low • Unreviewed • CVE-2026-24870 was published • Jan 27, 2026

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.09_55. This affects an...
Low • Unreviewed • CVE-2026-1407 was published • Jan 26, 2026

Gitea improperly exposes issue and pull request titles
Low • CVE-2026-20800 was published for github.com/go-gitea/gitea (Go) • Jan 23, 2026

Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential...
Low • Unreviewed • CVE-2025-12738 was published • Jan 22, 2026

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown...
Low • Unreviewed • CVE-2026-1197 was published • Jan 20, 2026

MineAdmin May Expose Sensitive Information to an Unauthorized Actor
Low • CVE-2026-1196 was published for mineadmin/mineadmin (Composer) • Jan 20, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3...
Low • Unreviewed • CVE-2025-24090 was published • Jan 16, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Low • Unreviewed • CVE-2025-46676 was published • Jan 9, 2026

Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions...
Low • Unreviewed • CVE-2026-0747 was published • Jan 8, 2026

Improper service binding configuration in internal service components in HCL BigFix IVR version 4...
Low • Unreviewed • CVE-2025-31964 was published • Jan 7, 2026
ProTip! Advisories are also available from the GraphQL API