Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,630
Maven
5,000+
npm
5,000+
NuGet
928
pip
4,850
Pub
13
RubyGems
1,045
Rust
1,301
Swift
53
Unreviewed advisories
All unreviewed
5,000+

2,040 advisories

Loading
IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i... Moderate Unreviewed
CVE-2026-2311 was published May 1, 2026
A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-9772 was published Apr 29, 2026
FacturaScripts has Insecure Parameter Handling: Unauthorized Modification of Immutable 'nick' Field Moderate
CVE-2026-32699 was published for facturascripts/facturascripts (Composer) Apr 28, 2026
TurkiOS Credited to TurkiOS
A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the... Moderate Unreviewed
CVE-2026-7238 was published Apr 28, 2026
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from... Moderate Unreviewed
CVE-2026-40966 was published Apr 28, 2026
A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an... Moderate Unreviewed
CVE-2026-7134 was published Apr 27, 2026
A vulnerability was determined in code-projects Online Lot Reservation System 1.0. This impacts... Moderate Unreviewed
CVE-2026-7133 was published Apr 27, 2026
A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted... Moderate Unreviewed
CVE-2026-7107 was published Apr 27, 2026
A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of... Moderate Unreviewed
CVE-2026-7043 was published Apr 27, 2026
A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file ... Moderate Unreviewed
CVE-2026-7044 was published Apr 27, 2026
A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low... Moderate Unreviewed
CVE-2025-67259 was published Apr 24, 2026
In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution... Moderate Unreviewed
CVE-2025-59308 was published Apr 24, 2026
In versions <8.4.0, <8.3.2, <8.2.2, <8.1.3, <8.0.4, <7.13.6, <7.12.7, <7.11.7, and <7.10.10, the... Moderate Unreviewed
CVE-2026-29197 was published Apr 24, 2026
Nuclei: Local File Read via require() Module Loader Bypass Moderate
CVE-2026-41646 was published for github.com/projectdiscovery/nuclei/v3 (Go) Apr 22, 2026
AkashHamal0x01 Credited to AkashHamal0x01
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2026-35247 was published Apr 21, 2026
Vulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2026-35241 was published Apr 21, 2026
Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications ... Moderate Unreviewed
CVE-2026-34324 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2026-35236 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2026-35239 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2026-35237 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2026-35238 was published Apr 21, 2026
Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion ... Moderate Unreviewed
CVE-2026-35244 was published Apr 21, 2026
Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications ... Moderate Unreviewed
CVE-2026-34323 was published Apr 21, 2026
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Moderate Unreviewed
CVE-2026-34325 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). ... Moderate Unreviewed
CVE-2026-35234 was published Apr 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database