Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,891
Erlang
24
GitHub Actions
39
Go
2,240
Maven
2,698
npm
2,899
NuGet
500
pip
2,728
Pub
5
RubyGems
364
Rust
889
Swift
19
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

97 advisories

Loading
Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and... High Unreviewed
CVE-2026-22753 was published Apr 22, 2026
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2026-32225 was published Apr 14, 2026
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2026-20701 was published Mar 25, 2026
In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could... High Unreviewed
CVE-2026-0118 was published Mar 10, 2026
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2... High Unreviewed
CVE-2024-55024 was published Mar 3, 2026
In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage... High Unreviewed
CVE-2025-48653 was published Mar 2, 2026
In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access... High Unreviewed
CVE-2026-0011 was published Mar 2, 2026
In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a... High Unreviewed
CVE-2025-48602 was published Mar 2, 2026
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to... High Unreviewed
CVE-2025-48605 was published Mar 2, 2026
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch... High Unreviewed
CVE-2024-31328 was published Mar 2, 2026
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS... High Unreviewed
CVE-2026-20667 was published Feb 12, 2026
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4,... High Unreviewed
CVE-2025-46290 was published Feb 12, 2026
Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2026-21513 was published Feb 10, 2026
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2026-21510 was published Feb 10, 2026
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability... High Unreviewed
CVE-2025-40536 was published Jan 28, 2026
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox <... High Unreviewed
CVE-2026-24868 was published Jan 27, 2026
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147,... High Unreviewed
CVE-2026-0877 was published Jan 13, 2026
A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app... High Unreviewed
CVE-2025-46281 was published Dec 17, 2025
A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An... High Unreviewed
CVE-2025-46291 was published Dec 17, 2025
Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd.... High Unreviewed
CVE-2025-14304 was published Dec 17, 2025
Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability... High Unreviewed
CVE-2025-14302 was published Dec 17, 2025
Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability.... High Unreviewed
CVE-2025-14303 was published Dec 17, 2025
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may... High Unreviewed
CVE-2025-67460 was published Dec 10, 2025
Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical... High Unreviewed
CVE-2025-34413 was published Dec 9, 2025
Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may... High Unreviewed
CVE-2025-35968 was published Nov 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database