Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,026
Maven
5,000+
npm
4,763
NuGet
824
pip
4,366
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

71 advisories

Loading
Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task... Critical Unreviewed
CVE-2025-68869 was published Jan 22, 2026
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege... Critical Unreviewed
CVE-2026-23800 was published Jan 16, 2026
An attacker may gain unauthorized access to the host filesystem, potentially allowing them to... Critical Unreviewed
CVE-2026-22907 was published Jan 15, 2026
Uploading unvalidated container images may allow remote attackers to gain full access to the... Critical Unreviewed
CVE-2026-22908 was published Jan 15, 2026
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed
CVE-2024-32444 was published Jan 15, 2026
Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue... Critical Unreviewed
CVE-2026-23550 was published Jan 14, 2026
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege... Critical Unreviewed
CVE-2025-64188 was published Dec 18, 2025
OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources Critical
CVE-2025-13888 was published for github.com/redhat-developer/gitops-operator (Go) Dec 15, 2025
Grafana Incorrect Privilege Assignment vulnerability Critical
CVE-2025-41115 was published for github.com/grafana/grafana (Go) Nov 21, 2025
cdupuis
Credited to cdupuis
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king... Critical Unreviewed
CVE-2025-6325 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for... Critical Unreviewed
CVE-2025-60243 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration... Critical Unreviewed
CVE-2025-60195 was published Nov 6, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote... Critical Unreviewed
CVE-2025-62645 was published Oct 17, 2025
A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an... Critical Unreviewed
CVE-2025-10725 was published Sep 30, 2025
Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass... Critical Unreviewed
CVE-2025-10644 was published Sep 17, 2025
Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin allows... Critical Unreviewed
CVE-2025-49388 was published Aug 28, 2025
Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege... Critical Unreviewed
CVE-2025-54049 was published Aug 20, 2025
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed
CVE-2025-53580 was published Aug 20, 2025
In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in... Critical Unreviewed
CVE-2025-44655 was published Jul 21, 2025
Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce... Critical Unreviewed
CVE-2025-52836 was published Jul 16, 2025
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed
CVE-2025-49867 was published Jul 4, 2025
Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege... Critical Unreviewed
CVE-2025-23970 was published Jul 4, 2025
Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb... Critical Unreviewed
CVE-2025-45006 was published Jul 1, 2025
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for... Critical Unreviewed
CVE-2025-48129 was published Jun 9, 2025
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation.... Critical Unreviewed
CVE-2025-47539 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database