GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,046
Composer 5,218
Erlang 40
GitHub Actions 40
Go 2,974
Maven 6,256
npm 4,621
NuGet 788
pip 4,317
Pub 12
RubyGems 984
Rust 1,131
Swift 49

Unreviewed advisories

All unreviewed 289,804

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,632 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to... Critical Unreviewed

CVE-2026-26369 was published Feb 15, 2026

The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege... High Unreviewed

CVE-2026-1750 was published Feb 15, 2026

The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less... Critical Unreviewed

CVE-2025-8572 was published Feb 14, 2026

The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all... High Unreviewed

CVE-2026-2144 was published Feb 14, 2026

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Moderate Unreviewed

CVE-2025-46310 was published Feb 12, 2026

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17... High Unreviewed

CVE-2024-50619 was published Feb 12, 2026

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate... High Unreviewed

CVE-2026-21533 was published Feb 10, 2026

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed

CVE-2025-15027 was published Feb 8, 2026

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all... High Unreviewed

CVE-2025-15100 was published Feb 8, 2026

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component... High Unreviewed

CVE-2025-69875 was published Feb 3, 2026

The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset... Critical Unreviewed

CVE-2025-15030 was published Feb 2, 2026

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL. High Unreviewed

CVE-2025-13176 was published Jan 30, 2026

Chef InSpec up to version 5.23 creates named pipes with overly permissive default Windows access... Moderate Unreviewed

CVE-2025-6723 was published Jan 30, 2026

The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password... High Unreviewed

CVE-2025-14975 was published Jan 29, 2026

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be... Moderate Unreviewed

CVE-2025-13918 was published Jan 28, 2026

WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is... High Unreviewed

CVE-2025-13917 was published Jan 28, 2026

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System... High Unreviewed

CVE-2025-59094 was published Jan 26, 2026

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User... Critical Unreviewed

CVE-2026-0920 was published Jan 22, 2026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed

CVE-2026-21963 was published Jan 21, 2026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed

CVE-2026-21957 was published Jan 21, 2026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed

CVE-2026-21983 was published Jan 21, 2026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed

CVE-2026-21981 was published Jan 21, 2026

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation... Critical Unreviewed

CVE-2025-14533 was published Jan 20, 2026

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions... Critical Unreviewed

CVE-2025-15403 was published Jan 17, 2026

Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates... Moderate Unreviewed

CVE-2026-21223 was published Jan 17, 2026

Previous1…146 Next

Previous 1 2 3 4 5 … 145 146 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,632 advisories