Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36,840 advisories

Loading
A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted... Moderate Unreviewed
CVE-2026-4991 was published Mar 28, 2026
A flaw has been found in wandb OpenUI up to 1.0. This affects the function create_share/get_share... Moderate Unreviewed
CVE-2026-4992 was published Mar 28, 2026
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Inventory System 1... Moderate Unreviewed
CVE-2026-30568 was published Mar 27, 2026
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7... Moderate Unreviewed
CVE-2026-28871 was published Mar 25, 2026
A vulnerability was identified in code-projects Social Networking Site 1.0. The impacted element... Moderate Unreviewed
CVE-2026-4969 was published Mar 27, 2026
A vulnerability was detected in SourceCodester Online Quiz System hasta 1.0. Affected by this... Moderate Unreviewed
CVE-2026-4973 was published Mar 27, 2026
A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0.... Moderate Unreviewed
CVE-2026-4972 was published Mar 27, 2026
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")... Moderate Unreviewed
CVE-2026-3528 was published Mar 26, 2026
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")... Moderate Unreviewed
CVE-2026-3529 was published Mar 26, 2026
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting... Moderate Unreviewed
CVE-2026-32859 was published Mar 27, 2026
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an... Moderate Unreviewed
CVE-2025-41026 was published Mar 26, 2026
Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an... Moderate Unreviewed
CVE-2025-41027 was published Mar 26, 2026
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS)... High Unreviewed
CVE-2025-40842 was published Mar 25, 2026
A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Clickedu. This... Moderate Unreviewed
CVE-2026-5010 was published Mar 27, 2026
The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg... High Unreviewed
CVE-2026-5026 was published Mar 27, 2026
Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its image upload functionality. An... Moderate Unreviewed
CVE-2026-25100 was published Mar 27, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2026-3457 was published Mar 27, 2026
WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability.... Moderate Unreviewed
CVE-2026-33559 was published Mar 27, 2026
A weakness has been identified in code-projects Exam Form Submission 1.0/7.php. This impacts an... Moderate Unreviewed
CVE-2026-4909 was published Mar 27, 2026
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this... Moderate Unreviewed
CVE-2026-4898 was published Mar 27, 2026
A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by... Moderate Unreviewed
CVE-2026-4899 was published Mar 27, 2026
Cross Site Scripting (xss) vulnerability in Timo 2.0.3 via crafted links in the title field. Moderate Unreviewed
CVE-2026-30162 was published Mar 26, 2026
Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS)... High Unreviewed
CVE-2025-12848 was published Nov 26, 2025
A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl... Moderate Unreviewed
CVE-2025-52204 was published Mar 23, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9... High Unreviewed
CVE-2026-2995 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database