GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,217
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,443
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
122 advisories
Filter by severity
Vibe-Trading before 0.1.10 contains a DNS rebinding authentication bypass vulnerability that...
High
Unreviewed
CVE-2026-58169
was published
Jun 30, 2026
Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1...
High
Unreviewed
CVE-2026-45173
was published
Jun 12, 2026
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub)...
High
Unreviewed
CVE-2026-10846
was published
Jun 10, 2026
Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted...
High
Unreviewed
CVE-2026-47825
was published
Jun 15, 2026
Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross...
High
Unreviewed
CVE-2026-41700
was published
Jun 11, 2026
Inappropriate implementation in Plugins in Google Chrome prior to 149.0.7827.103 allowed a remote...
High
Unreviewed
CVE-2026-11693
was published
Jun 9, 2026
Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control...
High
Unreviewed
CVE-2024-10534
was published
Nov 15, 2024
Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing.This issue...
High
Unreviewed
CVE-2024-13068
was published
Sep 3, 2025
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-34929
was published
May 21, 2026
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-34927
was published
May 21, 2026
An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service...
High
Unreviewed
CVE-2025-71214
was published
May 21, 2026
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-45207
was published
May 21, 2026
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-45206
was published
May 21, 2026
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-34930
was published
May 21, 2026
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
High
Unreviewed
CVE-2026-34928
was published
May 21, 2026
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to...
High
Unreviewed
CVE-2025-71213
was published
May 21, 2026
An origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection...
High
Unreviewed
CVE-2025-71217
was published
May 21, 2026
Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because...
High
Unreviewed
CVE-2026-46728
was published
May 17, 2026
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information...
High
Unreviewed
CVE-2025-13947
was published
Dec 3, 2025
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000,...
High
Unreviewed
CVE-2000-1218
was published
Apr 30, 2022
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18...
High
Unreviewed
CVE-2025-7659
was published
Feb 11, 2026
An unauthenticated remote attacker is able to use an existing session id of a logged in user and...
High
Unreviewed
CVE-2022-50975
was published
Feb 2, 2026
Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows...
High
Unreviewed
CVE-2022-50925
was published
Jan 14, 2026
Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2...
High
Unreviewed
CVE-2026-20893
was published
Jan 7, 2026
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar...
High
Unreviewed
CVE-2025-69235
was published
Dec 30, 2025
ProTip!
Advisories are also available from the
GraphQL API