GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,929 advisories
The VerySecureApp made by DIVD using Mendix Studio Pro 11.8.0 Beta allows unintended data...
Critical
Unreviewed
CVE-2026-7891 was published May 8, 2026
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized...
Critical
Unreviewed
CVE-2026-42826 was published May 8, 2026
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized...
Critical
Unreviewed
CVE-2026-33109 was published May 8, 2026
Improper neutralization of special elements used in a command ('command injection') in Azure...
Critical
Unreviewed
CVE-2026-35428 was published May 8, 2026
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information...
Critical
Unreviewed
CVE-2026-33823 was published May 8, 2026
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized...
Critical
Unreviewed
CVE-2026-33844 was published May 8, 2026
The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections...
Critical
Unreviewed
CVE-2026-7415 was published May 7, 2026
Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware...
Critical
Unreviewed
CVE-2026-7414 was published May 7, 2026
URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information...
Critical
Unreviewed
CVE-2026-6795 was published May 7, 2026
Cross-Site request forgery (CSRF) vulnerability in DivvyDrive Information Technologies Inc....
Critical
Unreviewed
CVE-2026-5791 was published May 7, 2026
Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute...
Critical
Unreviewed
CVE-2026-6508 was published May 7, 2026
Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute...
Critical
Unreviewed
CVE-2026-33587 was published May 7, 2026
Spring Cloud Config allows applications to serve arbitrary text and binary files through the...
Critical
Unreviewed
CVE-2026-40982 was published May 7, 2026
OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox...
Critical
Unreviewed
CVE-2026-43581 was published May 6, 2026
OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing...
Critical
Unreviewed
CVE-2026-43585 was published May 6, 2026
OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and...
Critical
Unreviewed
CVE-2026-44109 was published May 6, 2026
OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in...
Critical
Unreviewed
CVE-2026-43575 was published May 6, 2026
OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where...
Critical
Unreviewed
CVE-2026-43578 was published May 6, 2026
Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to...
Critical
Unreviewed
CVE-2026-7908 was published May 6, 2026
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had...
Critical
Unreviewed
CVE-2026-7910 was published May 6, 2026
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal)...
Critical
Unreviewed
CVE-2026-0300 was published May 6, 2026
NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment...
Critical
Unreviewed
CVE-2026-7875 was published May 6, 2026
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are...
Critical
Unreviewed
CVE-2026-5081 was published May 6, 2026
Missing invocation of Servlet http web request method changeSessionId after session binding can...
Critical
Unreviewed
CVE-2026-40010 was published May 6, 2026
Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp...
Critical
Unreviewed
CVE-2026-28780 was published May 6, 2026
ProTip! Advisories are also available from the GraphQL API