GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,549
Composer 6,122
Erlang 86
GitHub Actions 54
Go 4,175
Maven 6,713
npm 6,687
NuGet 1,019
pip 5,531
Pub 13
RubyGems 1,102
Rust 1,421
Swift 61

Unreviewed advisories

All unreviewed 310,882

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

956 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table... High Unreviewed

CVE-2026-57951 was published Jun 29, 2026

ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control... High Unreviewed

CVE-2026-57950 was published Jun 29, 2026

RustDesk gates incoming control messages on per-capability flags rather than on the session's... High Unreviewed

CVE-2026-58056 was published Jun 28, 2026

Incorrect caching of authentication between different polkit methods in qSnapper before version 1... High Unreviewed

CVE-2026-41048 was published Jun 22, 2026

Incorrect caching of authentication between different users of the qSnapper dbus service before... High Unreviewed

CVE-2026-41049 was published Jun 22, 2026

PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI... High Unreviewed

CVE-2026-56075 was published Jun 19, 2026

WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that... High Unreviewed

CVE-2016-20075 was published Jun 15, 2026

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect... High Unreviewed

CVE-2026-34023 was published Jun 15, 2026

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command... High Unreviewed

CVE-2026-53828 was published Jun 13, 2026

OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch... High Unreviewed

CVE-2026-53834 was published Jun 13, 2026

An incorrect authorization vulnerability in MISP allows an organization administrator to target... High Unreviewed

CVE-2026-54358 was published Jun 12, 2026

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16... High Unreviewed

CVE-2026-7387 was published Jun 12, 2026

The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the... High Unreviewed

CVE-2026-45831 was published Jun 12, 2026

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive... High Unreviewed

CVE-2026-53807 was published Jun 11, 2026

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation... High Unreviewed

CVE-2026-53738 was published Jun 11, 2026

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote... High Unreviewed

CVE-2026-24724 was published Jun 10, 2026

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization... High Unreviewed

CVE-2026-47929 was published Jun 9, 2026

Improper authorization in .NET allows an authorized attacker to elevate privileges locally. High Unreviewed

CVE-2026-45490 was published Jun 9, 2026

A flaw was found in Keycloak. A limited administrator can exploit an improper access control... High Unreviewed

CVE-2026-11577 was published Jun 8, 2026

A logic error in the MISP CRUD component delete handler allowed validation failures to be... High Unreviewed

CVE-2026-10860 was published Jun 4, 2026

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. High Unreviewed

CVE-2025-14774 was published Jun 3, 2026

In version 3.6.19 of prefecthq/prefect, an authentication bypass vulnerability exists due to the... High Unreviewed

CVE-2026-3514 was published Jun 2, 2026

In multiple locations, there is a possible background activity launch due to a missing permission... High Unreviewed

CVE-2025-32348 was published Jun 2, 2026

OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route... High Unreviewed

CVE-2026-35674 was published May 29, 2026

Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business... High Unreviewed

CVE-2026-46823 was published May 28, 2026

Previous1…39 Next

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

956 advisories