GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 91
GitHub Actions: 54
Go: 4,194
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,422
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,606 advisories
Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later...
Moderate · Unreviewed · CVE-2026-2725 was published May 13, 2026
Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect...
Critical · Unreviewed · CVE-2026-48286 was published Jun 30, 2026
Improper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to...
Moderate · Unreviewed · CVE-2026-21036 was published Jun 5, 2026
An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application...
Moderate · Unreviewed · CVE-2026-43000 was published May 28, 2026
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in...
Moderate · Unreviewed · CVE-2026-42999 was published May 28, 2026
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed....
Critical · Unreviewed · CVE-2026-41283 was published Jun 4, 2026
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
High · Unreviewed · CVE-2026-45490 was published Jun 9, 2026
A flaw was found in Keycloak. A limited administrator can exploit an improper access control...
High · Unreviewed · CVE-2026-11577 was published Jun 8, 2026
The dashboard permissions API does not verify the target dashboard scope and only checks the...
High · Unreviewed · CVE-2026-21721 was published Jan 27, 2026
SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and...
High · Unreviewed · CVE-2026-27140 was published Apr 8, 2026
Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated...
Moderate · Unreviewed · CVE-2026-57953 was published Jun 29, 2026
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
High · Unreviewed · CVE-2026-57950 was published Jun 29, 2026
Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table...
High · Unreviewed · CVE-2026-57951 was published Jun 29, 2026
RustDesk gates incoming control messages on per-capability flags rather than on the session's...
High · Unreviewed · CVE-2026-58056 was published Jun 28, 2026
Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3...
Moderate · Unreviewed · CVE-2026-41047 was published Jun 22, 2026
Incorrect caching of authentication between different polkit methods in qSnapper before version 1...
High · Unreviewed · CVE-2026-41048 was published Jun 22, 2026
Incorrect caching of authentication between different users of the qSnapper dbus service before...
High · Unreviewed · CVE-2026-41049 was published Jun 22, 2026
A flaw was found in Keycloak. An authenticated user with existing organization membership can...
Moderate · Unreviewed · CVE-2026-9791 was published May 28, 2026
A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive...
Moderate · Unreviewed · CVE-2024-10306 was published Apr 23, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6,...
Moderate · Unreviewed · CVE-2026-5796 was published Jun 25, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6,...
Moderate · Unreviewed · CVE-2026-5952 was published Jun 25, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0...
Low · Unreviewed · CVE-2026-0934 was published Jun 25, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6,...
Moderate · Unreviewed · CVE-2026-11379 was published Jun 25, 2026
Authorization handling for component configuration verification requests in Apache NiFi 1.15.0...
Low · Unreviewed · CVE-2026-44911 was published Jun 22, 2026
NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration...
Moderate · Unreviewed · CVE-2026-56694 was published Jun 23, 2026
ProTip! Advisories are also available from the GraphQL API.