GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 47
GitHub Actions: 48
Go: 3,378
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,573
Pub: 13
RubyGems: 1,013
Rust: 1,205
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,109 advisories
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
High | Unreviewed | CVE-2026-4020 was published Mar 31, 2026

A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in...
High | Unreviewed | CVE-2026-29872 was published Mar 30, 2026

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and...
High | Unreviewed | CVE-2026-34472 was published Mar 30, 2026

A sensitive information exposure vulnerability exists in ArthurFiorette steam-trader 2.1.1. An...
Critical | Unreviewed | CVE-2026-5128 was published Mar 30, 2026

A vulnerability was found in PromtEngineer localGPT up to...
Moderate | Unreviewed | CVE-2026-5003 was published Mar 28, 2026

A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function...
Moderate | Unreviewed | CVE-2026-4994 was published Mar 28, 2026

The Ninja Forms - The Contact Form Builder That Grows With You plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2026-1307 was published Mar 28, 2026

A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function...
Moderate | Unreviewed | CVE-2026-4957 was published Mar 27, 2026

Dovecot has provided a script to use for attachment to text conversion. This script unsafely...
Moderate | Unreviewed | CVE-2025-59031 was published Mar 27, 2026

Information disclosure in the file URI processing of File (Field) Paths in Drupal File (Field)...
Moderate | Unreviewed | CVE-2026-1556 was published Mar 27, 2026

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a...
Low | Unreviewed | CVE-2025-55276 was published Mar 26, 2026

HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights...
Low | Unreviewed | CVE-2025-55272 was published Mar 26, 2026

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue...
Moderate | Unreviewed | CVE-2025-55265 was published Mar 26, 2026

A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this...
Low | Unreviewed | CVE-2026-4823 was published Mar 26, 2026

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...
Moderate | Unreviewed | CVE-2025-14915 was published Mar 25, 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2026-28877 was published Mar 25, 2026

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and...
Moderate | Unreviewed | CVE-2026-28878 was published Mar 25, 2026

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app...
Moderate | Unreviewed | CVE-2026-28820 was published Mar 25, 2026

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149...
High | Unreviewed | CVE-2026-4712 was published Mar 24, 2026

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6...
Moderate | Unreviewed | CVE-2026-4733 was published Mar 24, 2026

Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote,...
Critical | Unreviewed | CVE-2025-60949 was published Mar 24, 2026

The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets...
Moderate | Unreviewed | CVE-2025-13997 was published Mar 23, 2026

Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an...
High | Unreviewed | CVE-2026-23659 was published Mar 19, 2026

OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the...
Critical | Unreviewed | CVE-2026-32865 was published Mar 19, 2026

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to a...
Moderate | Unreviewed | CVE-2026-2571 was published Mar 19, 2026

ProTip! Advisories are also available from the GraphQL API