GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
91
GitHub Actions
54
Go
4,194
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,422
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104 advisories
Filter by severity
Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website...
Critical
Unreviewed
CVE-2026-56028
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
Critical
Unreviewed
CVE-2026-56030
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
Critical
Unreviewed
CVE-2026-56033
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions.
Critical
Unreviewed
CVE-2026-54807
was published
Jun 17, 2026
Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions.
Critical
Unreviewed
CVE-2026-49058
was published
Jun 17, 2026
Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.
Critical
Unreviewed
CVE-2026-27395
was published
Jun 17, 2026
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Critical
Unreviewed
CVE-2025-69179
was published
Jun 17, 2026
Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152,...
Critical
Unreviewed
CVE-2026-12294
was published
Jun 16, 2026
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.
Critical
Unreviewed
CVE-2026-39583
was published
Jun 15, 2026
Unauthenticated Privilege Escalation in iControlWP <= 5.5.3 versions.
Critical
Unreviewed
CVE-2026-34901
was published
Jun 15, 2026
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows...
Critical
Unreviewed
CVE-2026-49060
was published
Jun 12, 2026
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1,...
Critical
Unreviewed
CVE-2025-10263
was published
Jun 9, 2026
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege...
Critical
Unreviewed
CVE-2025-53209
was published
Jun 2, 2026
Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation.
This...
Critical
Unreviewed
CVE-2026-48879
was published
Jun 1, 2026
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer...
Critical
Unreviewed
CVE-2026-42680
was published
Jun 1, 2026
Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar...
Critical
Unreviewed
CVE-2026-42758
was published
May 27, 2026
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange...
Critical
Unreviewed
CVE-2026-42731
was published
May 27, 2026
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as...
Critical
Unreviewed
CVE-2026-48172
was published
May 21, 2026
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision...
Critical
Unreviewed
CVE-2026-42368
was published
May 4, 2026
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows...
Critical
Unreviewed
CVE-2026-22337
was published
Apr 27, 2026
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on...
Critical
Unreviewed
CVE-2026-33519
was published
Apr 21, 2026
An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows...
Critical
Unreviewed
CVE-2026-33518
was published
Apr 21, 2026
OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate...
Critical
Unreviewed
CVE-2026-32922
was published
Mar 29, 2026
Incorrect Privilege Assignment vulnerability in Andrew Munro / AffiliateWP RewardsWP rewardswp...
Critical
Unreviewed
CVE-2026-32520
was published
Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege...
Critical
Unreviewed
CVE-2026-32519
was published
Mar 25, 2026
ProTip!
Advisories are also available from the
GraphQL API