GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 91
GitHub Actions: 54
Go: 4,194
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,422
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19 advisories
Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection...
High | Unreviewed | CVE-2026-11422 was published Jun 5, 2026
Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown...
High | Unreviewed | CVE-2026-50733 was published Jun 5, 2026
In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices...
High | Unreviewed | CVE-2026-8914 was published Jun 5, 2026
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an...
High | Unreviewed | CVE-2026-48962 was published May 27, 2026
The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04)...
High | Unreviewed | CVE-2026-31254 was published May 11, 2026
Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution...
High | Unreviewed | CVE-2026-22666 was published Apr 7, 2026
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()'...
High | Unreviewed | CVE-2020-37137 was published Feb 5, 2026
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor...
High | Unreviewed | CVE-2026-0863 was published Jan 18, 2026
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4...
High | Unreviewed | CVE-2025-65530 was published Dec 12, 2025
A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with...
High | Unreviewed | CVE-2025-61955 was published Oct 15, 2025
The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version...
High | Unreviewed | CVE-2025-8420 was published Aug 6, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary...
High | Unreviewed | CVE-2024-10633 was published Jan 26, 2025
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is...
High | Unreviewed | CVE-2023-26323 was published Aug 28, 2024
The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions...
High | Unreviewed | CVE-2024-3562 was published Jun 20, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not...
High | Unreviewed | CVE-2023-7245 was published Feb 20, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39...
High | Unreviewed | CVE-2023-6735 was published Jan 12, 2024
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external...
High | Unreviewed | CVE-2023-7224 was published Jan 8, 2024
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet:...
High | Unreviewed | CVE-2023-7101 was published Dec 25, 2023
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702,...
High | Unreviewed | CVE-2021-33678 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.