GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,967
Maven: 5,000+
npm: 5,000+
NuGet: 973
pip: 5,000+
Pub: 13
RubyGems: 1,064
Rust: 1,387
Swift: 56

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
595 advisories

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A...
Critical, Unreviewed. CVE-2025-71318 was published Jun 5, 2026

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution...
Critical, Unreviewed. CVE-2026-25550 was published Jun 4, 2026

WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that...
Critical, Unreviewed. CVE-2019-25738 was published Jun 4, 2026

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an...
Critical, Unreviewed. CVE-2026-0611 was published Jun 2, 2026

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated...
Critical, Unreviewed. CVE-2018-25412 was published May 30, 2026

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard...
Critical, Unreviewed. CVE-2026-9051 was published May 29, 2026

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator...
Critical, Unreviewed. CVE-2026-8732 was published May 29, 2026

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP...
Critical, Unreviewed. CVE-2026-8364 was published May 27, 2026

A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP...
Critical, Unreviewed. CVE-2026-9152 was published May 21, 2026

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass...
Critical, Unreviewed. CVE-2026-9141 was published May 20, 2026

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload...
Critical, Unreviewed. CVE-2026-20223 was published May 20, 2026

API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication...
Critical, Unreviewed. CVE-2026-31071 was published May 19, 2026

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows...
Critical, Unreviewed. CVE-2018-25332 was published May 17, 2026

WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows...
Critical, Unreviewed. CVE-2018-25335 was published May 17, 2026

The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset...
Critical, Unreviewed. CVE-2026-31242 was published May 12, 2026

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows...
Critical, Unreviewed. CVE-2021-47933 was published May 10, 2026

WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload...
Critical, Unreviewed. CVE-2021-47940 was published May 10, 2026

OpenCATS 0.9.4 contains a remote code execution vulnerability that allows unauthenticated...
Critical, Unreviewed. CVE-2021-47936 was published May 10, 2026

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections...
Critical, Unreviewed. CVE-2026-7415 was published May 7, 2026

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in...
Critical, Unreviewed. CVE-2023-54342 was published May 5, 2026

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows...
Critical, Unreviewed. CVE-2023-54344 was published May 5, 2026

Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the ...
Critical, Unreviewed. CVE-2026-42796 was published May 4, 2026

cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20,...
Critical, Unreviewed. CVE-2026-41940 was published Apr 29, 2026

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with...
Critical, Unreviewed. CVE-2026-3893 was published Apr 28, 2026

A vulnerability in SenseLive X3050’s embedded management service allows full administrative...
Critical, Unreviewed. CVE-2026-40620 was published Apr 24, 2026

ProTip! Advisories are also available from the GraphQL API.