GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,101
Composer 5,484
Erlang 47
GitHub Actions 48
Go 3,378
Maven 6,352
npm 5,450
NuGet 881
pip 4,573
Pub 13
RubyGems 1,013
Rust 1,205
Swift 51

Unreviewed advisories

All unreviewed 295,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,607 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed

CVE-2026-4020 was published Mar 31, 2026

A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in... High Unreviewed

CVE-2026-29872 was published Mar 30, 2026

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and... High Unreviewed

CVE-2026-34472 was published Mar 30, 2026

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149... High Unreviewed

CVE-2026-4712 was published Mar 24, 2026

Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an... High Unreviewed

CVE-2026-23659 was published Mar 19, 2026

In hasImage of Notification.java, there is a possible way to reveal information across users due... High Unreviewed

CVE-2026-0025 was published Mar 2, 2026

In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token... High Unreviewed

CVE-2025-48635 was published Mar 2, 2026

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API... High Unreviewed

CVE-2026-2025 was published Mar 4, 2026

A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain... High Unreviewed

CVE-2025-37165 was published Jan 13, 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted... High Unreviewed

CVE-2024-26480 was published Feb 11, 2026

Information disclosure, mitigation bypass in the Settings UI component. This vulnerability... High Unreviewed

CVE-2026-2803 was published Feb 24, 2026

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This... High Unreviewed

CVE-2026-2783 was published Feb 24, 2026

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an... High Unreviewed

CVE-2026-2244 was published Feb 26, 2026

Download key for a file in a vault was passed in an insecure way that could easily be logged in M... High Unreviewed

CVE-2022-3284 was published Mar 6, 2023

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web... High Unreviewed

CVE-2022-4862 was published Mar 6, 2023

A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26... High Unreviewed

CVE-2026-20641 was published Feb 12, 2026

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted... High Unreviewed

CVE-2024-26477 was published Feb 11, 2026

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3... High Unreviewed

CVE-2026-20606 was published Feb 12, 2026

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an... High Unreviewed

CVE-2026-21260 was published Feb 10, 2026

The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed

CVE-2026-2268 was published Feb 10, 2026

Azure Function Information Disclosure Vulnerability High Unreviewed

CVE-2026-21532 was published Feb 6, 2026

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software... High Unreviewed

CVE-2025-8590 was published Feb 3, 2026

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the... High Unreviewed

CVE-2025-52026 was published Jan 23, 2026

An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive... High Unreviewed

CVE-2025-67274 was published Jan 26, 2026

Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an... High Unreviewed

CVE-2026-21524 was published Jan 23, 2026

Previous1…65 Next

Previous 1 2 3 4 5 … 64 65 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,607 advisories