GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
31,879 advisories
Filter by severity
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication...
Critical
Unreviewed
CVE-2026-8505
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8476
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8481
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2026-13446
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to...
Critical
Unreviewed
CVE-2026-8635
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files...
Critical
Unreviewed
CVE-2026-8859
was published
Jul 17, 2026
IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2026-15091
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit...
Critical
Unreviewed
CVE-2026-9135
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access...
Critical
Unreviewed
CVE-2026-9103
was published
Jul 17, 2026
An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 ...
Critical
Unreviewed
CVE-2026-9586
was published
Jul 17, 2026
Improper neutralization of special elements used in an SQL command ('SQL injection')...
Critical
Unreviewed
CVE-2026-8297
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to chain /api/v1...
Critical
Unreviewed
CVE-2026-9198
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user...
Critical
Unreviewed
CVE-2026-9202
was published
Jul 17, 2026
Missing Authorization vulnerability in Vimesoft Inc. Enterprise Video Platform allows Accessing...
Critical
Unreviewed
CVE-2026-12694
was published
Jul 17, 2026
Authorization bypass through User-Controlled key vulnerability in Vimesoft Inc. Enterprise Video...
Critical
Unreviewed
CVE-2026-12693
was published
Jul 17, 2026
Unverified password change vulnerability in Vimesoft Inc. Enterprise Video Platform allows...
Critical
Unreviewed
CVE-2026-12692
was published
Jul 17, 2026
HCL Aftermarket EPC is affected by Business Logic Vulnerability using which a non valid user of...
Critical
Unreviewed
CVE-2024-23564
was published
Jul 17, 2026
libpvestorage-perl v9.1.1 and libpve-storage-perl v8.3.7 were discovered to contain an XML...
Critical
Unreviewed
CVE-2026-51080
was published
Jul 17, 2026
The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress...
Critical
Unreviewed
CVE-2026-9810
was published
Jul 17, 2026
The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for...
Critical
Unreviewed
CVE-2026-15982
was published
Jul 17, 2026
clawvet self-hosted API server (apps/api) before 0.7.5 hard-codes a fallback JWT secret ('clawvet...
Critical
Unreviewed
CVE-2026-62241
was published
Jul 17, 2026
Grav before 2.0.4 contains a two-factor authentication bypass vulnerability in the login plugin...
Critical
Unreviewed
CVE-2026-62232
was published
Jul 17, 2026
The Bricksforge plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,...
Critical
Unreviewed
CVE-2026-14956
was published
Jul 17, 2026
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and...
Critical
Unreviewed
CVE-2026-53412
was published
Jul 17, 2026
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup...
Critical
Unreviewed
CVE-2026-57075
was published
Jul 17, 2026
ProTip!
Advisories are also available from the
GraphQL API