GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,948
Maven: 5,000+
npm: 5,000+
NuGet: 969
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,383
Swift: 56
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
683 advisories
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft MyRezzta allows...
Moderate
Unreviewed
CVE-2024-13063 was published Jun 1, 2026
The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched...
Moderate
Unreviewed
CVE-2026-46764 was published Jun 1, 2026
In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of...
Moderate
Unreviewed
CVE-2026-49386 was published May 29, 2026
The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction,...
Moderate
Unreviewed
CVE-2026-7651 was published May 28, 2026
The Meta Field Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
Moderate
Unreviewed
CVE-2026-3173 was published May 28, 2026
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure...
Moderate
Unreviewed
CVE-2026-9228 was published May 28, 2026
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-9241 was published May 28, 2026
Authorization Bypass Through User-Controlled Key vulnerability in WP Wham Checkout Files Upload...
Moderate
Unreviewed
CVE-2026-42725 was published May 27, 2026
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ONLYOFFICE DocSpace...
Moderate
Unreviewed
CVE-2026-38587 was published May 26, 2026
OutSystems Lifetime is vulnerable to Authorization Bypass Through User-Controlled Key...
Moderate
Unreviewed
CVE-2026-40127 was published May 26, 2026
Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference (IDOR) in the Express...
Moderate
Unreviewed
CVE-2026-7881 was published May 22, 2026
Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend...
Moderate
Unreviewed
CVE-2026-8204 was published May 21, 2026
The Broadstreet plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate
Unreviewed
CVE-2026-1881 was published May 21, 2026
A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId...
Moderate
Unreviewed
CVE-2026-9087 was published May 20, 2026
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is...
Moderate
Unreviewed
CVE-2026-6566 was published May 20, 2026
The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-6072 was published May 20, 2026
A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object...
Moderate
Unreviewed
CVE-2026-4630 was published May 19, 2026
A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can...
Moderate
Unreviewed
CVE-2026-37978 was published May 19, 2026
The create and edit flows do not restrict which user properties may be submitted and do not...
Moderate
Unreviewed
CVE-2026-46721 was published May 19, 2026
Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology,...
Moderate
Unreviewed
CVE-2026-6008 was published May 14, 2026
The MW WP Form plugin for WordPress is vulnerable to Information Exposure in all versions up to,...
Moderate
Unreviewed
CVE-2026-6206 was published May 14, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.9.7, 18...
Moderate
Unreviewed
CVE-2026-3074 was published May 14, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 11.10 before 18.9.7, 18...
Moderate
Unreviewed
CVE-2026-6063 was published May 14, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.9.7,...
Moderate
Unreviewed
CVE-2026-1338 was published May 14, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18...
Moderate
Unreviewed
CVE-2026-3073 was published May 14, 2026
ProTip! Advisories are also available from the GraphQL API.