Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,894 advisories

Loading
An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8.... Moderate Unreviewed
CVE-2025-69727 was published Mar 16, 2026
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an... Moderate Unreviewed
CVE-2026-4221 was published Mar 16, 2026
A vulnerability has been found in Technologies Integrated Management Platform 7.17.0. Affected by... Moderate Unreviewed
CVE-2026-4220 was published Mar 16, 2026
A flaw has been found in JawherKl node-api-postgres up to 2.5. Affected is the function path... Moderate Unreviewed
CVE-2026-4191 was published Mar 16, 2026
A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393... Moderate Unreviewed
CVE-2026-4201 was published Mar 16, 2026
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the... Moderate Unreviewed
CVE-2026-3111 was published Mar 16, 2026
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or... Moderate Unreviewed
CVE-2026-0977 was published Mar 16, 2026
OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists Moderate
GHSA-9vvh-2768-c8vp was published for openclaw (npm) Mar 13, 2026
zpbrent Credited to zpbrent
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a... Moderate Unreviewed
CVE-2026-3934 was published Mar 12, 2026
Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote... Moderate Unreviewed
CVE-2026-3939 was published Mar 12, 2026
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a... Moderate Unreviewed
CVE-2026-3940 was published Mar 12, 2026
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a... Moderate Unreviewed
CVE-2026-3938 was published Mar 12, 2026
Keycloak: Improper Access Control Leading to MFA Deletion and Account Takeover in Keycloak Account REST API Moderate
CVE-2026-3429 was published for org.keycloak:keycloak-services (Maven) Mar 11, 2026
django-unicorn affected by component state manipulation via unvalidated attribute access Moderate
CVE-2026-31815 was published for django-unicorn (pip) Mar 11, 2026
RinZ27 Credited to RinZ27
The register protection of the PowerVR GPU is incorrectly configured. This could lead to local... Moderate Unreviewed
CVE-2026-0108 was published Mar 10, 2026
Vaadin Vulnerable to Authentication Bypass When Accessing the /VAADIN Endpoint Without a Trailing Slash Moderate
CVE-2026-2742 was published for com.vaadin:flow-server (Maven) Mar 10, 2026
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may... Moderate Unreviewed
CVE-2026-22628 was published Mar 10, 2026
OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions Moderate
GHSA-9q36-67vc-rrwg was published for openclaw (npm) Mar 9, 2026
tdjackey Credited to tdjackey
A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected... Moderate Unreviewed
CVE-2026-3800 was published Mar 9, 2026
A security vulnerability has been detected in Tiandy Video Surveillance System 视频监控平台 7.17.0. The... Moderate Unreviewed
CVE-2026-3797 was published Mar 9, 2026
A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile... Moderate Unreviewed
CVE-2026-3748 was published Mar 8, 2026
A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function... Moderate Unreviewed
CVE-2026-3749 was published Mar 8, 2026
Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion Moderate
CVE-2026-29061 was published for github.com/forceu/gokapi (Go) Mar 5, 2026
Sijisu Credited to Sijisu, aisafe-bot, and Forceu aisafe-bot aisafe-bot
Forceu Forceu
Gokapi has privilege escalation with auth token Moderate
CVE-2026-29060 was published for github.com/forceu/gokapi (Go) Mar 5, 2026
Forceu Credited to Forceu
Gokapi has Data Leak in Upload Status Stream Moderate
CVE-2026-28682 was published for github.com/forceu/gokapi (Go) Mar 5, 2026
Sijisu Credited to Sijisu, aisafe-bot, and Forceu aisafe-bot aisafe-bot
Forceu Forceu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database