GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,257 advisories
Filter by severity
Authentication bypass using an alternate path or channel in Microsoft Edge (Chromium-based)...
Moderate
Unreviewed
CVE-2026-57980
was published
Jul 18, 2026
Exposure of private personal information to an unauthorized actor in Windows RDP allows an...
High
Unreviewed
CVE-2026-56171
was published
Jul 18, 2026
Skipper: Incomplete fix for CVE-2026-50197: an oversized body can bypass OPA deny-on-presence Rego policies
High
GHSA-8qqm-fp2q-v734
was published
for
github.com/zalando/skipper
(Go)
Jul 17, 2026
Skipper's routesrv-no-auth component: All routesrv API Endpoints Lack Authentication
Moderate
CVE-2026-54246
was published
for
github.com/zalando/skipper
(Go)
Jul 17, 2026
CloudTAK: Authenticated full-read SSRF in the /api/esri* routes — user-controlled URL fetched with no IP-classification guard
High
CVE-2026-55177
was published
for
@tak-ps/cloudtak
(npm)
Jul 17, 2026
cool-admin-java 8.0.0 has a SQL injection vulnerability in the order() method of CrudOption.java.
Unknown
Unreviewed
CVE-2026-52348
was published
Jul 17, 2026
Buffer Overflow vulnerability in libjxl v.0.11.2 and before allows a local attacker to obtain...
Unknown
Unreviewed
CVE-2026-52584
was published
Jul 17, 2026
An issue in MCMS v.6.1.1 allows a remote attacker to obtain sensitive information via the source...
Unknown
Unreviewed
CVE-2026-52203
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow remote code execution due to...
High
Unreviewed
CVE-2026-7755
was published
Jul 17, 2026
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a trap when compiling a...
Moderate
Unreviewed
CVE-2026-7771
was published
Jul 17, 2026
IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9...
Low
Unreviewed
CVE-2026-7364
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication...
Critical
Unreviewed
CVE-2026-8505
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files...
High
Unreviewed
CVE-2026-7872
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to override component parameters...
High
Unreviewed
CVE-2026-8056
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the...
High
Unreviewed
CVE-2026-13445
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2026-13446
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to...
Critical
Unreviewed
CVE-2026-8635
was published
Jul 17, 2026
A vulnerability was detected in AstrBotDevs AstrBot up to 4.25.2. This affects the function...
Low
Unreviewed
CVE-2026-16074
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow...
High
Unreviewed
CVE-2026-7667
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery ...
High
Unreviewed
CVE-2026-7754
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8476
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in...
Critical
Unreviewed
CVE-2026-8481
was published
Jul 17, 2026
IBM Security Verify could allow a remote attacker to obtain sensitive information when a detailed...
Moderate
Unreviewed
CVE-2026-8861
was published
Jul 17, 2026
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files...
Critical
Unreviewed
CVE-2026-8859
was published
Jul 17, 2026
django-pyas2 through 1.2.3 is vulnerable to OS command injection via the cmd_receive and cmd_send...
Unknown
Unreviewed
CVE-2026-42168
was published
Jul 17, 2026
ProTip!
Advisories are also available from the
GraphQL API