Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140,437 advisories

Loading
A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names. Moderate Unreviewed
CVE-2026-21991 was published Mar 17, 2026
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7... Moderate Unreviewed
CVE-2026-4289 was published Mar 17, 2026
A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The... Moderate Unreviewed
CVE-2026-4287 was published Mar 17, 2026
A vulnerability was identified in taoofagi easegen-admin up to... Moderate Unreviewed
CVE-2026-4285 was published Mar 17, 2026
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The... Moderate Unreviewed
CVE-2026-4288 was published Mar 17, 2026
A vulnerability was determined in taoofagi easegen-admin up to... Moderate Unreviewed
CVE-2026-4284 was published Mar 17, 2026
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The... Moderate Unreviewed
CVE-2025-69693 was published Mar 16, 2026
Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file... Moderate Unreviewed
CVE-2026-29516 was published Mar 16, 2026
An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8.... Moderate Unreviewed
CVE-2025-69727 was published Mar 16, 2026
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for... Moderate Unreviewed
CVE-2026-26304 was published Mar 16, 2026
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle... Moderate Unreviewed
CVE-2026-2454 was published Mar 16, 2026
Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached permalink preview data when a... Moderate Unreviewed
CVE-2026-1629 was published Mar 16, 2026
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting... Moderate Unreviewed
CVE-2026-29513 was published Mar 16, 2026
A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function... Moderate Unreviewed
CVE-2026-4253 was published Mar 16, 2026
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery... Moderate Unreviewed
CVE-2026-29521 was published Mar 16, 2026
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting... Moderate Unreviewed
CVE-2026-29520 was published Mar 16, 2026
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting... Moderate Unreviewed
CVE-2026-29510 was published Mar 16, 2026
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was... Moderate Unreviewed
CVE-2026-3644 was published Mar 16, 2026
When an Expat parser with a registered ElementDeclHandler parses an inline document type... Moderate Unreviewed
CVE-2026-4224 was published Mar 16, 2026
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of... Moderate Unreviewed
CVE-2025-65734 was published Mar 16, 2026
Missing Authorization vulnerability in Webnus Inc. Modern Events Calendar allows Exploiting... Moderate Unreviewed
CVE-2026-32583 was published Mar 16, 2026
Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32587 was published Mar 16, 2026
Cross Site scripting vulnerability (XSS) in NetBox 4.3.5 "comment" field on object forms. An... Moderate Unreviewed
CVE-2025-57543 was published Mar 16, 2026
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to canonicalize... Moderate Unreviewed
CVE-2026-2455 was published Mar 16, 2026
Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly... Moderate Unreviewed
CVE-2026-24692 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database