GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,320 advisories
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server...
Critical | Unreviewed | CVE-2026-25873 was published Mar 18, 2026

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. ...
Critical | Unreviewed | CVE-2026-3381 was published Mar 5, 2026

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2026-2991 was published Mar 18, 2026

The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command...
Critical | Unreviewed | CVE-2024-45163 was published Aug 22, 2024

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection...
Critical | Unreviewed | CVE-2026-25449 was published Mar 18, 2026

Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product...
Critical | Unreviewed | CVE-2026-21994 was published Mar 18, 2026

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local...
Critical | Unreviewed | CVE-2026-32746 was published Mar 13, 2026

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical | Unreviewed | CVE-2024-24019 was published Feb 7, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-25927 was published Feb 28, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-25910 was published Feb 28, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2023-6260 was published Feb 20, 2024

Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a...
Critical | Unreviewed | CVE-2023-51889 was published Jan 24, 2024

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions...
Critical | Unreviewed | CVE-2024-27198 was published Mar 4, 2024

Unauthenticated remote attackers can access the system through the LoadMaster management...
Critical | Unreviewed | CVE-2024-1212 was published Feb 21, 2024

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7...
Critical | Unreviewed | CVE-2024-23113 was published Feb 15, 2024

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that...
Critical | Unreviewed | CVE-2021-37415 was published May 24, 2022

Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass...
Critical | Unreviewed | CVE-2026-32841 was published Mar 18, 2026

The /root/anaconda-ks.cfg installation configuration file in International Datacasting...
Critical | Unreviewed | CVE-2026-29120 was published Mar 4, 2026

JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess...
Critical | Unreviewed | CVE-2026-32295 was published Mar 17, 2026

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including...
Critical | Unreviewed | CVE-2026-32297 was published Mar 17, 2026

The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force...
Critical | Unreviewed | CVE-2026-32292 was published Mar 17, 2026

International Datacasting Corporation (IDC) SFX2100 Satellite Receiver, trivial password for...
Critical | Unreviewed | CVE-2026-28777 was published Mar 4, 2026

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities...
Critical | Unreviewed | CVE-2026-4177 was published Mar 17, 2026

A condition in ScreenConnect may allow an actor with access to server-level cryptographic...
Critical | Unreviewed | CVE-2026-3564 was published Mar 17, 2026

A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2...
Critical | Unreviewed | CVE-2025-69902 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.