GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,549
Composer 6,122
Erlang 86
GitHub Actions 54
Go 4,175
Maven 6,713
npm 6,687
NuGet 1,019
pip 5,531
Pub 13
RubyGems 1,102
Rust 1,421
Swift 61

Unreviewed advisories

All unreviewed 310,887

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

225 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass... Critical Unreviewed

CVE-2019-25763 was published Jun 20, 2026

Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions. Critical Unreviewed

CVE-2026-49767 was published Jun 17, 2026

Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions. Critical Unreviewed

CVE-2026-49764 was published Jun 15, 2026

An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and... Critical Unreviewed

CVE-2026-10523 was published Jun 9, 2026

Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or... Critical Unreviewed

CVE-2025-41273 was published May 29, 2026

In Slican telephone exchanges it is possible to manage the control panel remotely. An... Critical Unreviewed

CVE-2026-35090 was published May 27, 2026

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can... Critical Unreviewed

CVE-2026-35087 was published May 27, 2026

Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C... Critical Unreviewed

CVE-2026-33843 was published May 26, 2026

An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras.... Critical Unreviewed

CVE-2026-8598 was published May 20, 2026

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an... Critical Unreviewed

CVE-2026-24207 was published May 20, 2026

Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain... Critical Unreviewed

CVE-2026-4320 was published May 18, 2026

ELECOM wireless LAN access point devices do not require authentication to access some specific... Critical Unreviewed

CVE-2026-40621 was published May 13, 2026

The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass... Critical Unreviewed

CVE-2026-7458 was published May 2, 2026

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to... Critical Unreviewed

CVE-2026-7567 was published May 1, 2026

A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to... Critical Unreviewed

CVE-2026-40630 was published Apr 24, 2026

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2026-3461 was published Apr 22, 2026

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150. Critical Unreviewed

CVE-2026-6768 was published Apr 21, 2026

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and... Critical Unreviewed

CVE-2026-6771 was published Apr 21, 2026

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150. Critical Unreviewed

CVE-2026-6760 was published Apr 21, 2026

megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition... Critical Unreviewed

CVE-2026-31271 was published Apr 7, 2026

In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during... Critical Unreviewed

CVE-2026-30079 was published Apr 7, 2026

An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login... Critical Unreviewed

CVE-2026-31151 was published Apr 6, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core... Critical Unreviewed

CVE-2026-27049 was published Mar 25, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker /... Critical Unreviewed

CVE-2026-25035 was published Mar 25, 2026

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149 and... Critical Unreviewed

CVE-2026-4700 was published Mar 24, 2026

Previous1…9 Next

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

225 advisories