GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,549
Composer 6,122
Erlang 86
GitHub Actions 54
Go 4,175
Maven 6,713
npm 6,687
NuGet 1,019
pip 5,531
Pub 13
RubyGems 1,102
Rust 1,421
Swift 61

Unreviewed advisories

All unreviewed 310,882

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

84 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API... Moderate Unreviewed

CVE-2026-54817 was published Jun 17, 2026

Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions. Moderate Unreviewed

CVE-2026-49071 was published Jun 17, 2026

Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions. Moderate Unreviewed

CVE-2026-40799 was published Jun 15, 2026

Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions. Moderate Unreviewed

CVE-2026-40790 was published Jun 15, 2026

Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions. Moderate Unreviewed

CVE-2026-42378 was published Jun 15, 2026

A user with physical access to a smartphone can bypass authentication mechanism of Kidsview... Moderate Unreviewed

CVE-2026-8990 was published May 28, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe... Moderate Unreviewed

CVE-2026-45217 was published May 26, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7,... Moderate Unreviewed

CVE-2026-4524 was published May 14, 2026

Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized... Moderate Unreviewed

CVE-2026-35422 was published May 12, 2026

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability where group reaction... Moderate Unreviewed

CVE-2026-35642 was published Apr 10, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal OpenID Connect /... Moderate Unreviewed

CVE-2026-3531 was published Mar 26, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18... Moderate Unreviewed

CVE-2026-2745 was published Mar 25, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CAPTCHA allows... Moderate Unreviewed

CVE-2026-3214 was published Mar 25, 2026

Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 allowed a remote... Moderate Unreviewed

CVE-2026-3930 was published Mar 12, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18... Moderate Unreviewed

CVE-2026-0602 was published Mar 11, 2026

EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass... Moderate Unreviewed

CVE-2026-30777 was published Mar 5, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8... Moderate Unreviewed

CVE-2026-1747 was published Feb 25, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked... Moderate Unreviewed

CVE-2026-22341 was published Feb 20, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in ahachat AhaChat... Moderate Unreviewed

CVE-2025-68895 was published Feb 20, 2026

A vulnerability in the management API of the affected product could allow an unauthenticated... Moderate Unreviewed

CVE-2026-23596 was published Feb 17, 2026

BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to... Moderate Unreviewed

CVE-2020-37156 was published Feb 11, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra... Moderate Unreviewed

CVE-2026-0948 was published Feb 4, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CKEditor 5... Moderate Unreviewed

CVE-2025-13980 was published Jan 28, 2026

A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS... Moderate Unreviewed

CVE-2025-46286 was published Jan 10, 2026

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists... Moderate Unreviewed

CVE-2025-67282 was published Jan 9, 2026

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

84 advisories