GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+), Composer (5,000+), Erlang (92), GitHub Actions (54), Go (4,217), Maven (5,000+), npm (5,000+), NuGet (1,021), pip (5,000+), Pub (13), RubyGems (1,103), Rust (1,443), Swift (61)
Unreviewed advisories: All unreviewed (5,000+)
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
393 advisories
Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing...
High | Unreviewed | CVE-2026-55960 was published Jun 25, 2026
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier ...
High | Unreviewed | CVE-2026-11310 was published Jun 25, 2026
X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate...
High | Unreviewed | CVE-2026-11999 was published Jun 25, 2026
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper...
High | Unreviewed | CVE-2026-46734 was published Jun 25, 2026
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
High | Unreviewed | CVE-2026-54100 was published Jun 22, 2026
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
High | Unreviewed | CVE-2026-9258 was published Jun 16, 2026
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or...
High | Unreviewed | CVE-2026-9259 was published Jun 16, 2026
Idira Privilege Cloud Connector versions prior to 1.1.100504 under specific conditions and...
High | Unreviewed | CVE-2026-45170 was published Jun 12, 2026
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control...
High | Unreviewed | CVE-2026-45175 was published Jun 11, 2026
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed...
High | Unreviewed | CVE-2026-9758 was published Jun 10, 2026
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an...
High | Unreviewed | CVE-2026-50752 was published Jun 8, 2026
An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging...
High | Unreviewed | CVE-2026-44393 was published Jun 4, 2026
A network man-in-the-middle between nats-sync and the BOSH director can steal the director...
High | Unreviewed | CVE-2026-41859 was published Jun 4, 2026
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
High | Unreviewed | CVE-2026-42013 was published May 27, 2026
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a...
High | Unreviewed | CVE-2026-42012 was published May 27, 2026
FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS...
High | Unreviewed | CVE-2026-48697 was published May 26, 2026
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6...
High | Unreviewed | CVE-2026-8992 was published May 26, 2026
Open ISES Tickets before 3.44.2 disables TLS certificate verification in rm/incs/mobile_login.inc...
High | Unreviewed | CVE-2026-48249 was published May 21, 2026
Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by...
High | Unreviewed | CVE-2026-48248 was published May 21, 2026
Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/functions.inc.php...
High | Unreviewed | CVE-2026-48247 was published May 21, 2026
Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by...
High | Unreviewed | CVE-2026-48246 was published May 21, 2026
SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server...
High | Unreviewed | CVE-2026-32992 was published May 14, 2026
Improper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1...
High | Unreviewed | CVE-2026-7821 was published May 7, 2026
An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0...
High | Unreviewed | CVE-2026-5787 was published May 7, 2026
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were...
High | Unreviewed | CVE-2026-42011 was published May 7, 2026
ProTip! Advisories are also available from the GraphQL API.