Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,175
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Loading
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions. High Unreviewed
CVE-2026-56029 was published Jun 26, 2026
Capgo before 12.128.2 contains a security control bypass vulnerability where the PostgREST/RLS... High Unreviewed
CVE-2026-56243 was published Jun 23, 2026
WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows... High Unreviewed
CVE-2020-37255 was published Jun 20, 2026
Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions. High Unreviewed
CVE-2026-54804 was published Jun 17, 2026
Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. High Unreviewed
CVE-2026-42629 was published Jun 17, 2026
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions. High Unreviewed
CVE-2026-25439 was published Jun 17, 2026
syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an... High Unreviewed
CVE-2026-12225 was published Jun 16, 2026
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions. High Unreviewed
CVE-2026-48970 was published Jun 15, 2026
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0... High Unreviewed
CVE-2026-42668 was published Jun 15, 2026
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions. High Unreviewed
CVE-2026-42411 was published Jun 15, 2026
Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions. High Unreviewed
CVE-2026-40785 was published Jun 15, 2026
Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions. High Unreviewed
CVE-2026-40781 was published Jun 15, 2026
Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions. High Unreviewed
CVE-2026-39450 was published Jun 15, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js... High Unreviewed
CVE-2026-49062 was published Jun 15, 2026
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the... High Unreviewed
CVE-2026-5415 was published Jun 5, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System... High Unreviewed
CVE-2026-42654 was published Jun 2, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP... High Unreviewed
CVE-2026-40780 was published Jun 2, 2026
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64... High Unreviewed
CVE-2026-8697 was published May 28, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeisle Disable... High Unreviewed
CVE-2026-42749 was published May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and... High Unreviewed
CVE-2026-42760 was published May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online... High Unreviewed
CVE-2026-42745 was published May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare... High Unreviewed
CVE-2026-42735 was published May 27, 2026
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an... High Unreviewed
CVE-2026-24206 was published May 20, 2026
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass... High Unreviewed
CVE-2026-3324 was published Apr 16, 2026
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44286 was published Apr 2, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database