Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,016
Maven
5,000+
npm
4,737
NuGet
814
pip
4,347
Pub
12
RubyGems
987
Rust
1,140
Swift
50
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function... Moderate Unreviewed
CVE-2026-2968 was published Feb 23, 2026
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2026-2385 was published Feb 22, 2026
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... Moderate Unreviewed
CVE-2025-14444 was published Feb 18, 2026
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows... Moderate Unreviewed
CVE-2026-21527 was published Feb 10, 2026
EVE Doesn't Protect Rootfs Moderate
CVE-2023-43636 was published for github.com/lf-edge/eve/pkg/grub (Go) Feb 4, 2026
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due... Moderate Unreviewed
CVE-2026-0939 was published Jan 16, 2026
Cosign verification accepts any valid Rekor entry under certain conditions Moderate
CVE-2026-22703 was published for github.com/sigstore/cosign/v2 (Go) Jan 13, 2026
1seal
Credited to 1seal
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the... Moderate Unreviewed
CVE-2025-15154 was published Dec 28, 2025
Auth0 Symfony SDK has Improper Audience Validation via Auth0-PHP SDK Moderate
GHSA-f3r2-88mq-9v4g was published for auth0/symfony (Composer) Dec 17, 2025
The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment... Moderate Unreviewed
CVE-2025-12752 was published Nov 22, 2025
MantisBT lacks verification when changing a user's email address Moderate
CVE-2025-55155 was published for mantisbt/mantisbt (Composer) Nov 3, 2025
ncrcs dregad
Credited to ncrcs and dregad
A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function... Moderate Unreviewed
CVE-2025-12295 was published Oct 27, 2025
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application,... Moderate Unreviewed
CVE-2025-12080 was published Oct 27, 2025
A vulnerability was identified in chatwoot up to 4.7.0. This vulnerability affects the function... Moderate Unreviewed
CVE-2025-12245 was published Oct 27, 2025
An issue in the firmware update mechanism of Nous W3 Smart WiFi Camera v1.33.50.82 allows... Moderate Unreviewed
CVE-2025-56438 was published Oct 24, 2025
matrix-js-sdk has insufficient validation when considering a room to be upgraded by another Moderate
CVE-2025-59160 was published for matrix-js-sdk (npm) Sep 16, 2025
cai0duque
Credited to cai0duque
In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to... Moderate Unreviewed
CVE-2025-0092 was published Aug 27, 2025
Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config Moderate
GHSA-vv6j-3g6g-2pvj was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper Moderate
GHSA-vr7h-p6mm-wpmh was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.utils.collect_env.run Moderate
GHSA-f745-w6jp-hpxx was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression Moderate
GHSA-f4x7-rfwp-v3xw was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get Moderate
GHSA-86cj-95qr-2p4f was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile Moderate
GHSA-4r9r-ch6f-vxmx was published for picklescan (pip) Aug 22, 2025
FredericDT
Credited to FredericDT
A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function... Moderate Unreviewed
CVE-2025-8978 was published Aug 14, 2025
A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2025-8979 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database