GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,196
Maven: 5,000+
npm: 5,000+
NuGet: 864
pip: 4,483
Pub: 12
RubyGems: 992
Rust: 1,186
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
1,894 advisories
An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8....
Moderate, Unreviewed. CVE-2025-69727 was published Mar 16, 2026

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed. CVE-2026-3938 was published Mar 12, 2026

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed. CVE-2026-3940 was published Mar 12, 2026

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate, Unreviewed. CVE-2026-3934 was published Mar 12, 2026

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote...
Moderate, Unreviewed. CVE-2026-3939 was published Mar 12, 2026

A vulnerability has been found in Technologies Integrated Management Platform 7.17.0. Affected by...
Moderate, Unreviewed. CVE-2026-4220 was published Mar 16, 2026

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an...
Moderate, Unreviewed. CVE-2026-4221 was published Mar 16, 2026

A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393...
Moderate, Unreviewed. CVE-2026-4201 was published Mar 16, 2026

A flaw has been found in JawherKl node-api-postgres up to 2.5. Affected is the function path...
Moderate, Unreviewed. CVE-2026-4191 was published Mar 16, 2026

Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the...
Moderate, Unreviewed. CVE-2026-3111 was published Mar 16, 2026

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or...
Moderate, Unreviewed. CVE-2026-0977 was published Mar 16, 2026

Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions...
Moderate, Unreviewed. CVE-2024-22459 was published Feb 28, 2024

A vulnerability in the access control list (ACL) programming for port channel subinterfaces of...
Moderate, Unreviewed. CVE-2024-20291 was published Feb 29, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6,...
Moderate, Unreviewed. CVE-2023-4895 was published Feb 22, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16...
Moderate, Unreviewed. CVE-2024-1525 was published Feb 22, 2024

Improper Access Control in moodle
Moderate. CVE-2024-25981 was published for moodle/moodle (Composer) Feb 19, 2024

EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing...
Moderate, Unreviewed. CVE-2024-26263 was published Feb 15, 2024

Improper Access Control in moodle
Moderate. CVE-2024-25980 was published for moodle/moodle (Composer) Feb 19, 2024

OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists
Moderate. GHSA-9vvh-2768-c8vp was published for openclaw (npm) Mar 13, 2026

Keycloak: Improper Access Control Leading to MFA Deletion and Account Takeover in Keycloak Account REST API
Moderate. CVE-2026-3429 was published for org.keycloak:keycloak-services (Maven) Mar 11, 2026

Vaadin Vulnerable to Authentication Bypass When Accessing the /VAADIN Endpoint Without a Trailing Slash
Moderate. CVE-2026-2742 was published for com.vaadin:flow-server (Maven) Mar 10, 2026

The register protection of the PowerVR GPU is incorrectly configured. This could lead to local...
Moderate, Unreviewed. CVE-2026-0108 was published Mar 10, 2026

django-unicorn affected by component state manipulation via unvalidated attribute access
Moderate. CVE-2026-31815 was published for django-unicorn (pip) Mar 11, 2026

A security vulnerability has been detected in Tiandy Video Surveillance System 视频监控平台 7.17.0. The...
Moderate, Unreviewed. CVE-2026-3797 was published Mar 9, 2026

A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function...
Moderate, Unreviewed. CVE-2026-3749 was published Mar 8, 2026

ProTip! Advisories are also available from the GraphQL API