GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,288 advisories
The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to...
Moderate | Unreviewed | CVE-2026-3774 was published Apr 1, 2026
XenForo before 2.3.7 allows information disclosure via local account page caching on shared...
Moderate | Unreviewed | CVE-2025-71280 was published Apr 1, 2026
A vulnerability was found in PromtEngineer localGPT up to...
Moderate | Unreviewed | CVE-2026-5003 was published Mar 28, 2026
A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function...
Moderate | Unreviewed | CVE-2026-4994 was published Mar 28, 2026
The Ninja Forms - The Contact Form Builder That Grows With You plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2026-1307 was published Mar 28, 2026
A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function...
Moderate | Unreviewed | CVE-2026-4957 was published Mar 27, 2026
Dovecot has provided a script to use for attachment to text conversion. This script unsafely...
Moderate | Unreviewed | CVE-2025-59031 was published Mar 27, 2026
Information disclosure in the file URI processing of File (Field) Paths in Drupal File (Field)...
Moderate | Unreviewed | CVE-2026-1556 was published Mar 27, 2026
HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue...
Moderate | Unreviewed | CVE-2025-55265 was published Mar 26, 2026
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...
Moderate | Unreviewed | CVE-2025-14915 was published Mar 25, 2026
An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2026-28877 was published Mar 25, 2026
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and...
Moderate | Unreviewed | CVE-2026-28878 was published Mar 25, 2026
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app...
Moderate | Unreviewed | CVE-2026-28820 was published Mar 25, 2026
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6...
Moderate | Unreviewed | CVE-2026-4733 was published Mar 24, 2026
The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets...
Moderate | Unreviewed | CVE-2025-13997 was published Mar 23, 2026
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate | Unreviewed | CVE-2026-2571 was published Mar 19, 2026
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive...
Moderate | Unreviewed | CVE-2026-1267 was published Mar 18, 2026
wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows...
Moderate | Unreviewed | CVE-2026-22203 was published Mar 13, 2026
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform...
Moderate | Unreviewed | CVE-2026-20164 was published Mar 11, 2026
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below...
Moderate | Unreviewed | CVE-2026-20166 was published Mar 11, 2026
The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing...
Moderate | Unreviewed | CVE-2026-1867 was published Mar 11, 2026
Exposure of sensitive information to an unauthorized actor in Windows Accessibility...
Moderate | Unreviewed | CVE-2026-25186 was published Mar 10, 2026
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing...
Moderate | Unreviewed | CVE-2026-25185 was published Mar 10, 2026
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2026-2589 was published Mar 6, 2026
The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate | Unreviewed | CVE-2026-3058 was published Mar 4, 2026
ProTip! Advisories are also available from the GraphQL API.