GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
607 advisories
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run...
High | Unreviewed | CVE-2024-27890 was published Jun 5, 2026

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run...
High | Unreviewed | CVE-2024-27892 was published Jun 5, 2026

The registration path /v1/account/register provides no bot mitigation mechanisms, allowing...
High | Unreviewed | CVE-2026-50225 was published Jun 4, 2026

Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions...
High | Unreviewed | CVE-2026-36603 was published Jun 3, 2026

Cryptographic Issue while processing a specific partition which allows unauthorized write access...
High | Unreviewed | CVE-2026-24088 was published Jun 2, 2026

Cryptographic issue while processing partition table entries allows unauthorized modification of...
High | Unreviewed | CVE-2026-24090 was published Jun 2, 2026

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT...
High | Unreviewed | CVE-2026-5768 was published May 29, 2026

Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without...
High | Unreviewed | CVE-2026-49195 was published May 29, 2026

Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal...
High | Unreviewed | CVE-2026-46826 was published May 28, 2026

Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64...
High | Unreviewed | CVE-2026-8697 was published May 28, 2026

FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no...
High | Unreviewed | CVE-2026-48692 was published May 26, 2026

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could...
High | Unreviewed | CVE-2026-8602 was published May 19, 2026

The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows its authentication to...
High | Unreviewed | CVE-2025-27853 was published May 13, 2026

A remote code execution vulnerability exists in Code Runner MCP Server when run with the -...
High | Unreviewed | CVE-2026-5029 was published May 12, 2026

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected...
High | Unreviewed | CVE-2026-22924 was published May 12, 2026

In JetBrains TeamCity before 2026.1, 2025.11.5 authenticated users could expose server API to...
High | Unreviewed | CVE-2026-44413 was published May 11, 2026

A vulnerability in the access control mechanism of SonicOS may allow certain management interface...
High | Unreviewed | CVE-2026-0204 was published Apr 29, 2026

An unsecured configuration interface on affected devices allows unauthenticated remote attackers...
High | Unreviewed | CVE-2026-3323 was published Apr 28, 2026

Penetration Testing engineers at Amazon have identified a security flaw related to request...
High | Unreviewed | CVE-2024-54013 was published Apr 28, 2026

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI...
High | Unreviewed | CVE-2026-41473 was published Apr 24, 2026

A client holding only a read JWT scope can still register itself as a signal provider through the...
High | Unreviewed | CVE-2026-6272 was published Apr 24, 2026

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of...
High | Unreviewed | CVE-2026-35064 was published Apr 24, 2026

A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to...
High | Unreviewed | CVE-2026-6376 was published Apr 23, 2026

Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the...
High | Unreviewed | CVE-2018-25259 was published Apr 22, 2026

Inadequate access control in the registration process in Fullstep V5, which could allow...
High | Unreviewed | CVE-2026-5749 was published Apr 22, 2026
ProTip! Advisories are also available from the GraphQL API.