Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
48
Go
3,361
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,554
Pub
12
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

2,355 advisories

Loading
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has... High Unreviewed
CVE-2026-4266 was published Mar 30, 2026
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization... High Unreviewed
CVE-2026-4416 was published Mar 30, 2026
Saloon has insecure deserialization in AccessTokenAuthenticator High
CVE-2026-33942 was published for saloonphp/saloon (Composer) Mar 27, 2026
JonPurvis Credited to JonPurvis, Sammyjo20, and HuajiHD Sammyjo20 Sammyjo20
HuajiHD HuajiHD
splunk-otel-javaagent: Unsafe deserialization in RMI instrumentation may lead to Remote Code Execution Critical
GHSA-h8w2-rv57-vc6f was published for com.splunk:splunk-otel-javaagent (Maven) Mar 26, 2026
dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution Critical
CVE-2026-33728 was published for com.datadoghq:dd-java-agent (Maven) Mar 26, 2026
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via... High Unreviewed
CVE-2026-3328 was published Mar 26, 2026
OpenTelemetry: Unsafe Deserialization in RMI Instrumentation may Lead to Remote Code Execution Critical
CVE-2026-33701 was published for io.opentelemetry.javaagent:opentelemetry-javaagent (Maven) Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object... Moderate Unreviewed
CVE-2026-32509 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object... Moderate Unreviewed
CVE-2026-32508 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object... Moderate Unreviewed
CVE-2026-32506 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object... Moderate Unreviewed
CVE-2026-32510 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production... Critical Unreviewed
CVE-2026-32512 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object... Moderate Unreviewed
CVE-2026-32507 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive... High Unreviewed
CVE-2026-32513 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object... Moderate Unreviewed
CVE-2026-32511 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object... High Unreviewed
CVE-2026-32484 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing... Critical Unreviewed
CVE-2026-32502 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel... Critical Unreviewed
CVE-2026-27083 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat... Critical Unreviewed
CVE-2026-27095 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object... Critical Unreviewed
CVE-2026-27082 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object... Critical Unreviewed
CVE-2026-27084 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object... High Unreviewed
CVE-2026-25400 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object... Critical Unreviewed
CVE-2026-25429 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb... High Unreviewed
CVE-2026-27045 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This... High Unreviewed
CVE-2026-25360 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database