GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,227
Maven: 5,000+
npm: 5,000+
NuGet: 864
pip: 4,502
Pub: 12
RubyGems: 995
Rust: 1,187
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,282 advisories
LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API... (High, Unreviewed; CVE-2025-41258 was published Mar 18, 2026)
An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows... (High, Unreviewed; CVE-2026-30707 was published Mar 17, 2026)
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the... (High, Unreviewed; CVE-2026-3110 was published Mar 16, 2026)
Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed... (High, Unreviewed; CVE-2026-3932 was published Mar 12, 2026)
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace... (High, Unreviewed; CVE-2025-68623 was published Mar 11, 2026)
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized... (High, Unreviewed; CVE-2026-25176 was published Mar 10, 2026)
Improper access control in Windows Projected File System allows an authorized attacker to elevate... (High, Unreviewed; CVE-2026-24290 was published Mar 10, 2026)
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a... (High, Unreviewed; CVE-2026-21262 was published Mar 10, 2026)
Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to... (High, Unreviewed; CVE-2026-23660 was published Mar 10, 2026)
An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An... (High, Unreviewed; CVE-2026-30140 was published Mar 9, 2026)
Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x... (High, Unreviewed; CVE-2025-70363 was published Mar 6, 2026)
OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control... (High, Unreviewed; CVE-2025-70614 was published Mar 5, 2026)
Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon... (High, Unreviewed; CVE-2026-26418 was published Mar 5, 2026)
A broken access control vulnerability in the password reset functionality of Tata Consultancy... (High, Unreviewed; CVE-2026-26417 was published Mar 5, 2026)
An Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5... (High, Unreviewed; CVE-2026-25702 was published Mar 5, 2026)
Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote... (High, Unreviewed; CVE-2026-3541 was published Mar 4, 2026)
Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote... (High, Unreviewed; CVE-2026-3543 was published Mar 4, 2026)
Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a... (High, Unreviewed; CVE-2026-3542 was published Mar 4, 2026)
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only... (High, Unreviewed; CVE-2025-48619 was published Mar 2, 2026)
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote... (High, Unreviewed; CVE-2025-63409 was published Feb 24, 2026)
Improper access control in Microsoft Teams allows an unauthorized attacker to disclose... (High, Unreviewed; CVE-2026-21535 was published Feb 20, 2026)
PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vulnerability. A low... (High, Unreviewed; CVE-2025-70064 was published Feb 18, 2026)
An authentication bypass in the application API allows an unauthorized administrative account to... (High, Unreviewed; CVE-2026-23595 was published Feb 17, 2026)
The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access... (High, Unreviewed; CVE-2026-2592 was published Feb 17, 2026)
A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function... (High, Unreviewed; CVE-2026-2550 was published Feb 16, 2026)
ProTip! Advisories are also available from the GraphQL API.