Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

595 advisories

Loading
Missing Authentication for Critical Function vulnerability in ePati Cyber ​​Security Technologies... Critical Unreviewed
CVE-2026-2624 was published Feb 25, 2026
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A... Critical Unreviewed
CVE-2025-71318 was published Jun 5, 2026
Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in... Critical Unreviewed
CVE-2025-8350 was published Feb 19, 2026
Avation Light Engine Pro exposes its configuration and control interface without any... Critical Unreviewed
CVE-2026-1341 was published Feb 4, 2026
Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution... Critical Unreviewed
CVE-2026-25550 was published Jun 4, 2026
WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that... Critical Unreviewed
CVE-2019-25738 was published Jun 4, 2026
Delta Electronics DIAView has multiple vulnerabilities. Critical Unreviewed
CVE-2025-62582 was published Jan 16, 2026
Improper Access Control vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured... Critical Unreviewed
CVE-2024-0336 was published Jun 3, 2024
Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission... Critical Unreviewed
CVE-2024-0949 was published Jun 27, 2024
The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be... Critical Unreviewed
CVE-2020-27285 was published May 24, 2022
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions... Critical Unreviewed
CVE-2016-9369 was published May 17, 2022
Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an... Critical Unreviewed
CVE-2026-0611 was published Jun 2, 2026
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data... Critical Unreviewed
CVE-2024-8074 was published Nov 12, 2024
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated... Critical Unreviewed
CVE-2018-25412 was published May 30, 2026
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard... Critical Unreviewed
CVE-2026-9051 was published May 29, 2026
The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator... Critical Unreviewed
CVE-2026-8732 was published May 29, 2026
Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP... Critical Unreviewed
CVE-2026-8364 was published May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed
CVE-2023-4702 was published Sep 14, 2023
A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP... Critical Unreviewed
CVE-2026-9152 was published May 21, 2026
Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass... Critical Unreviewed
CVE-2026-9141 was published May 20, 2026
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload... Critical Unreviewed
CVE-2026-20223 was published May 20, 2026
API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication... Critical Unreviewed
CVE-2026-31071 was published May 19, 2026
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows... Critical Unreviewed
CVE-2018-25332 was published May 17, 2026
WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows... Critical Unreviewed
CVE-2018-25335 was published May 17, 2026
The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset... Critical Unreviewed
CVE-2026-31242 was published May 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database