GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
14,305 advisories
A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this...
Low | Unreviewed | CVE-2026-8733 was published May 17, 2026
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function...
Low | Unreviewed | CVE-2026-8731 was published May 17, 2026
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the...
Low | Unreviewed | CVE-2026-8729 was published May 17, 2026
A flaw has been found in Open5GS up to 2.7.6. This impacts the function...
Low | Unreviewed | CVE-2026-8730 was published May 17, 2026
A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils...
Low | Unreviewed | CVE-2026-8735 was published May 17, 2026
A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the...
Low | Unreviewed | CVE-2026-8728 was published May 17, 2026
A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils...
Low | Unreviewed | CVE-2026-8724 was published May 17, 2026
Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS)...
Low | Unreviewed | CVE-2026-8656 was published May 16, 2026
ciguard: discover_pipeline_files follows symlinks out of scan root
Low | CVE-2026-44220 was published for ciguard (pip) May 5, 2026
ciguard: Container image runs as root (no USER directive)
Low | CVE-2026-44218 was published for ciguard (pip) May 5, 2026
MCP Registry's GitHub OIDC tokens are replayable across registry deployments due to shared audience
Low | CVE-2026-44428 was published for github.com/modelcontextprotocol/registry (Go) May 8, 2026
nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Low | CVE-2026-44589 was published for nuxt-og-image (npm) May 7, 2026
Strapi: Password Reset Does Not Revoke Existing Refresh Sessions
Low | CVE-2026-22706 was published for @strapi/admin (npm) May 13, 2026
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit...
Low | Unreviewed | CVE-2026-4053 was published May 15, 2026
Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote...
Low | Unreviewed | CVE-2026-8568 was published May 14, 2026
Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed...
Low | Unreviewed | CVE-2026-8556 was published May 14, 2026
Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168...
Low | Unreviewed | CVE-2026-8579 was published May 14, 2026
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote...
Low | Unreviewed | CVE-2026-8545 was published May 14, 2026
Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote...
Low | Unreviewed | CVE-2026-8578 was published May 14, 2026
Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168...
Low | Unreviewed | CVE-2026-8572 was published May 14, 2026
Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote...
Low | Unreviewed | CVE-2026-8554 was published May 14, 2026
Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0...
Low | Unreviewed | CVE-2026-8536 was published May 14, 2026
Permission control vulnerability in the app management and control module. Impact: Successful...
Low | Unreviewed | CVE-2026-41962 was published May 15, 2026
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this...
Low | Unreviewed | CVE-2026-41963 was published May 15, 2026
An out of bounds read in the remote management firmware could allow a privileged attacker read a...
Low | Unreviewed | CVE-2024-21950 was published May 15, 2026
ProTip! Advisories are also available from the GraphQL API.