GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,557
Composer 5,386
Erlang 44
GitHub Actions 46
Go 3,270
Maven 6,323
npm 5,240
NuGet 867
pip 4,517
Pub 12
RubyGems 998
Rust 1,194
Swift 51

Unreviewed advisories

All unreviewed 294,323

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,086 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an... High Unreviewed

CVE-2026-23659 was published Mar 19, 2026

OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the... Critical Unreviewed

CVE-2026-32865 was published Mar 19, 2026

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2026-2571 was published Mar 19, 2026

IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an unauthorized access to sensitive... Moderate Unreviewed

CVE-2026-1267 was published Mar 18, 2026

HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature.... Low Unreviewed

CVE-2025-52649 was published Mar 16, 2026

A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is an unknown... Low Unreviewed

CVE-2026-4218 was published Mar 16, 2026

wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows... Moderate Unreviewed

CVE-2026-22203 was published Mar 13, 2026

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform... Moderate Unreviewed

CVE-2026-20164 was published Mar 11, 2026

In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below... Moderate Unreviewed

CVE-2026-20166 was published Mar 11, 2026

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing... Moderate Unreviewed

CVE-2026-1867 was published Mar 11, 2026

Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing... Moderate Unreviewed

CVE-2026-25185 was published Mar 10, 2026

Exposure of sensitive information to an unauthorized actor in Windows Accessibility... Moderate Unreviewed

CVE-2026-25186 was published Mar 10, 2026

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-2589 was published Mar 6, 2026

The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed

CVE-2026-3058 was published Mar 4, 2026

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without... Moderate Unreviewed

CVE-2026-2747 was published Mar 4, 2026

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API... High Unreviewed

CVE-2026-2025 was published Mar 4, 2026

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing... Moderate Unreviewed

CVE-2026-1980 was published Mar 4, 2026

In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error... Moderate Unreviewed

CVE-2025-48642 was published Mar 2, 2026

In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of... Moderate Unreviewed

CVE-2026-0005 was published Mar 2, 2026

In hasImage of Notification.java, there is a possible way to reveal information across users due... High Unreviewed

CVE-2026-0025 was published Mar 2, 2026

In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token... High Unreviewed

CVE-2025-48635 was published Mar 2, 2026

wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated... Moderate Unreviewed

CVE-2026-28559 was published Mar 1, 2026

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event... Moderate Unreviewed

CVE-2025-9907 was published Feb 27, 2026

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event... Moderate Unreviewed

CVE-2025-9908 was published Feb 27, 2026

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata... Moderate Unreviewed

CVE-2025-9572 was published Feb 27, 2026

Previous1…364 Next

Previous 1 2 3 4 5 … 363 364 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,086 advisories