GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 92
GitHub Actions: 54
Go: 4,217
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,103
Rust: 1,443
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,558 advisories
Improper neutralization of special elements used in an SQL command ('SQL injection')...
Moderate, Unreviewed. CVE-2026-14363 was published Jul 1, 2026

SQL Injection vulnerability in GoAdminGroup GoAdmin (last release v1.2.26) allows a remote...
Moderate, Unreviewed. CVE-2026-51946 was published Jul 1, 2026

Improper neutralization of special elements used in an SQL command ('SQL injection')...
Moderate, Unreviewed. CVE-2026-58521 was published Jul 1, 2026

The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL Injection via...
Moderate, Unreviewed. CVE-2026-13454 was published Jul 1, 2026

The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for...
Moderate, Unreviewed. CVE-2026-12110 was published Jul 1, 2026

The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for...
Moderate, Unreviewed. CVE-2026-12090 was published Jul 1, 2026

SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user...
Moderate, Unreviewed. CVE-2025-53648 was published Jun 30, 2026

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended...
Moderate, Unreviewed. CVE-2026-13752 was published Jun 29, 2026

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2026-13333 was published Jun 27, 2026

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2026-13331 was published Jun 27, 2026

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2026-13226 was published Jun 26, 2026

The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’...
Moderate, Unreviewed. CVE-2026-12079 was published Jun 25, 2026

The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ...
Moderate, Unreviewed. CVE-2026-2508 was published Jun 25, 2026

SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute...
Moderate, Unreviewed. CVE-2026-52673 was published Jun 23, 2026

SQL injection in pgAdmin 4's named restore point endpoint (POST /browser/server/restore_point/...
Moderate, Unreviewed. CVE-2026-12050 was published Jun 19, 2026

The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to generic SQL...
Moderate, Unreviewed. CVE-2026-11360 was published Jun 18, 2026

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress...
Moderate, Unreviewed. CVE-2026-11777 was published Jun 18, 2026

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2026-10736 was published Jun 18, 2026

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress...
Moderate, Unreviewed. CVE-2026-11776 was published Jun 18, 2026

Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special...
Moderate, Unreviewed. CVE-2026-35069 was published Jun 17, 2026

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x...
Moderate, Unreviewed. CVE-2026-6428 was published Jun 13, 2026

SQL injection vulnerability in phpBB profile field migration due to improper handling of user...
Moderate, Unreviewed. CVE-2026-48613 was published Jun 12, 2026

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by...
Moderate, Unreviewed. CVE-2026-11945 was published Jun 11, 2026

SAP S/4HANA(On-Premise) contains SQL injection vulnerability in a remote-enabled function module...
Moderate, Unreviewed. CVE-2026-44744 was published Jun 9, 2026

The OptinCraft – Drag & Drop Optins & Popup Builder for WordPress plugin for WordPress is...
Moderate, Unreviewed. CVE-2026-8978 was published Jun 6, 2026

ProTip! Advisories are also available from the GraphQL API