GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,248
Maven: 5,000+
npm: 5,000+
NuGet: 867
pip: 4,513
Pub: 12
RubyGems: 997
Rust: 1,189
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
560 advisories
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an...
Low | Unreviewed | CVE-2026-3237 was published Mar 17, 2026

A security vulnerability has been detected in CodeGenieApp serverless-express up to 4.17.1....
Moderate | Unreviewed | CVE-2026-4171 was published Mar 16, 2026

Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk...
Critical | Unreviewed | CVE-2026-30793 was published Mar 5, 2026

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to...
High | Unreviewed | CVE-2026-0017 was published Mar 2, 2026

The The Events Calendar plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate | Unreviewed | CVE-2026-2694 was published Feb 26, 2026

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown...
Moderate | Unreviewed | CVE-2026-3185 was published Feb 25, 2026

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability...
Low | Unreviewed | CVE-2026-2974 was published Feb 23, 2026

A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the...
Moderate | Unreviewed | CVE-2025-15582 was published Feb 20, 2026

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows unauthorized content disclosure in the private area....
Moderate | Unreviewed | CVE-2025-71242 was published Feb 19, 2026

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is...
High | Unreviewed | CVE-2025-4521 was published Feb 19, 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2026-20666 was published Feb 12, 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2026-20661 was published Feb 12, 2026

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and...
Low | Unreviewed | CVE-2026-20656 was published Feb 12, 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-43403 was published Feb 12, 2026

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before...
High | Unreviewed | CVE-2024-50617 was published Feb 12, 2026

Improper authorization in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within...
Moderate | Unreviewed | CVE-2025-30508 was published Feb 10, 2026

It was identified that under certain specific preconditions, an API key that was originally...
Critical | Unreviewed | CVE-2024-37282 was published Jan 30, 2026

The web interface offers a functionality to export the internal SQLite database. After executing...
Moderate | Unreviewed | CVE-2025-59100 was published Jan 26, 2026

Azure Entra ID Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2026-24305 was published Jan 23, 2026

HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass...
High | Unreviewed | CVE-2026-21641 was published Jan 20, 2026

The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and...
Moderate | Unreviewed | CVE-2025-14348 was published Jan 20, 2026

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over...
High | Unreviewed | CVE-2026-20960 was published Jan 17, 2026

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed...
Moderate | Unreviewed | CVE-2026-22641 was published Jan 15, 2026

An Improper Authorization vulnerability in Foomuuri allows arbitrary users to influence the...
Moderate | Unreviewed | CVE-2025-67603 was published Jan 8, 2026

The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized...
Low | Unreviewed | CVE-2025-12958 was published Jan 7, 2026

ProTip! Advisories are also available from the GraphQL API.