GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,628
Composer 5,817
Erlang 61
GitHub Actions 50
Go 3,821
Maven 6,571
npm 6,204
NuGet 939
pip 5,090
Pub 13
RubyGems 1,059
Rust 1,357
Swift 54

Unreviewed advisories

All unreviewed 302,602

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26,051 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell... Critical Unreviewed

CVE-2026-31231 was published May 12, 2026

PySyft (Syft Datasite/Server) versions 0.9.5 and earlier are vulnerable to remote code execution... Critical Unreviewed

CVE-2026-31220 was published May 12, 2026

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha:... Critical Unreviewed

CVE-2026-46364 was published May 15, 2026

phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts... Critical Unreviewed

CVE-2026-45010 was published May 15, 2026

WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload... Critical Unreviewed

CVE-2021-47965 was published May 15, 2026

Reserved. Details will be published at disclosure. Critical Unreviewed

CVE-2026-45393 was published May 12, 2026

An Improper Access Control vulnerability in several internal API endpoints for Google Cloud... Critical Unreviewed

CVE-2026-2031 was published May 15, 2026

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code... Critical Unreviewed

CVE-2026-41553 was published May 15, 2026

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal... Critical Unreviewed

CVE-2026-41552 was published May 15, 2026

Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML... Critical Unreviewed

CVE-2026-7182 was published May 15, 2026

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by... Critical Unreviewed

CVE-2026-43376 was published May 8, 2026

Reserved. Details will be published at disclosure. Critical Unreviewed

CVE-2026-45392 was published May 12, 2026

Reserved. Details will be published at disclosure. Critical Unreviewed

CVE-2026-45391 was published May 12, 2026

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and... Critical Unreviewed

CVE-2026-5229 was published May 15, 2026

A supply chain attack compromised the official installation packages of DAEMON Tools Lite ... Critical Unreviewed

CVE-2026-8398 was published May 15, 2026

Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a... Critical Unreviewed

CVE-2026-0481 was published May 15, 2026

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in... Critical Unreviewed

CVE-2026-5121 was published Mar 30, 2026

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat.... Critical Unreviewed

CVE-2026-43512 was published May 12, 2026

The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions... Critical Unreviewed

CVE-2026-31236 was published May 12, 2026

Horovod thru 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore... Critical Unreviewed

CVE-2026-31234 was published May 12, 2026

The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization (CWE-502)... Critical Unreviewed

CVE-2026-31239 was published May 12, 2026

The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model... Critical Unreviewed

CVE-2026-31238 was published May 12, 2026

Improper Authorization vulnerability when multiple method constraints define an HTTP method for... Critical Unreviewed

CVE-2026-43515 was published May 12, 2026

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3. Critical Unreviewed

CVE-2026-8401 was published May 12, 2026

Guardrails AI thru 0.6.7 contains a code injection vulnerability (CWE-94) in its Hub package... Critical Unreviewed

CVE-2026-31233 was published May 12, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,051 advisories