Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

196 advisories

Loading
In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to... High Unreviewed
CVE-2026-0017 was published Mar 2, 2026
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... High Unreviewed
CVE-2025-4521 was published Feb 19, 2026
Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before... High Unreviewed
CVE-2024-50617 was published Feb 12, 2026
HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass... High Unreviewed
CVE-2026-21641 was published Jan 20, 2026
Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over... High Unreviewed
CVE-2026-20960 was published Jan 17, 2026
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The... High Unreviewed
CVE-2025-40830 was published Dec 9, 2025
The Primakon Pi Portal 1.0.18 API /api/V2/pp_udfv_admin endpoint, fails to perform necessary... High Unreviewed
CVE-2025-64065 was published Nov 25, 2025
The Primakon Pi Portal 1.0.18 /api/V2/pp_users?email endpoint is used for user data filtering but... High Unreviewed
CVE-2025-64062 was published Nov 25, 2025
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized... High Unreviewed
CVE-2025-64655 was published Nov 21, 2025
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-11521 was published Nov 11, 2025
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is... High Unreviewed
CVE-2025-4519 was published Nov 7, 2025
Redis Enterprise Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-59271 was published Oct 9, 2025
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317... High Unreviewed
CVE-2025-59305 was published Sep 24, 2025
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due... High Unreviewed
CVE-2025-26430 was published Sep 5, 2025
The Application is vulnerable to an Unauthenticated Arbitrary File Read. This affects the Agent... High Unreviewed
CVE-2024-26291 was published Jul 14, 2025
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute... High Unreviewed
CVE-2025-49701 was published Jul 8, 2025
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without... High Unreviewed
CVE-2025-6713 was published Jul 7, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization... High Unreviewed
CVE-2025-46840 was published Jun 11, 2025
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a... High Unreviewed
CVE-2024-43706 was published Jun 10, 2025
The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-4103 was published May 31, 2025
The Offsprout Page Builder plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-4672 was published May 31, 2025
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a... High Unreviewed
CVE-2025-4474 was published May 13, 2025
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a... High Unreviewed
CVE-2025-4473 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5. An... High Unreviewed
CVE-2025-31249 was published May 13, 2025
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-3921 was published May 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database