GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,867 advisories
Filter by severity
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container...
Critical
Unreviewed
CVE-2026-58053
was published
Jun 28, 2026
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
High
Unreviewed
CVE-2026-58054
was published
Jun 28, 2026
The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing...
Critical
Unreviewed
CVE-2026-12415
was published
Jun 27, 2026
When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to...
Moderate
Unreviewed
CVE-2026-45256
was published
Jun 26, 2026
Capgo before 12.128.2 contains an authorization bypass vulnerability in its public API key...
High
Unreviewed
CVE-2026-56225
was published
Jun 23, 2026
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
High
Unreviewed
CVE-2026-54099
was published
Jun 22, 2026
The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be...
High
Unreviewed
CVE-2026-8157
was published
Jun 22, 2026
Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public...
High
Unreviewed
CVE-2026-56239
was published
Jun 21, 2026
Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey...
High
Unreviewed
CVE-2026-56216
was published
Jun 20, 2026
Capgo before 12.128.2 contains an authentication logic flaw: a user with permission to manage...
Moderate
Unreviewed
CVE-2026-56212
was published
Jun 20, 2026
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an...
Moderate
Unreviewed
CVE-2026-20246
was published
Jun 17, 2026
Missing Authorization in the server management routes (routes/admin.php) in Azuriom Azuriom CMS...
High
Unreviewed
CVE-2026-54415
was published
Jun 17, 2026
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155...
High
Unreviewed
CVE-2026-12448
was published
Jun 17, 2026
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote...
Moderate
Unreviewed
CVE-2026-12450
was published
Jun 17, 2026
In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier...
Critical
Unreviewed
CVE-2026-0063
was published
Jun 17, 2026
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress...
High
Unreviewed
CVE-2026-12165
was published
Jun 17, 2026
In SettingsLib, there is a possible way to disable system components due to a logic error in the...
High
Unreviewed
CVE-2026-0019
was published
Jun 17, 2026
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business...
High
Unreviewed
CVE-2026-46973
was published
Jun 17, 2026
Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2026-46970
was published
Jun 17, 2026
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business...
High
Unreviewed
CVE-2026-46972
was published
Jun 17, 2026
Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2026-46971
was published
Jun 17, 2026
Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite ...
High
Unreviewed
CVE-2026-46961
was published
Jun 17, 2026
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2026-46966
was published
Jun 17, 2026
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
Critical
Unreviewed
CVE-2026-46964
was published
Jun 17, 2026
Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite ...
High
Unreviewed
CVE-2026-46962
was published
Jun 17, 2026
ProTip!
Advisories are also available from the
GraphQL API