GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,786 advisories
Nur-Alam39 bus-ticket (no released versions; latest commit...
Critical | Unreviewed | CVE-2026-55740 was published Jun 18, 2026

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink...
Critical | Unreviewed | CVE-2026-12569 was published Jun 18, 2026

Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple...
Critical | Unreviewed | CVE-2026-54388 was published Jun 17, 2026

Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length...
Critical | Unreviewed | CVE-2026-54387 was published Jun 17, 2026

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in...
Critical | Unreviewed | CVE-2026-55200 was published Jun 17, 2026

Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey...
Critical | Unreviewed | CVE-2026-55196 was published Jun 17, 2026

NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an unauthenticated remote code execution...
Critical | Unreviewed | CVE-2026-53805 was published Jun 17, 2026

Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread...
Critical | Unreviewed | CVE-2026-3894 was published Jun 17, 2026

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute...
Critical | Unreviewed | CVE-2026-20266 was published Jun 17, 2026

Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows...
Critical | Unreviewed | CVE-2026-2467 was published Jun 17, 2026

picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated...
Critical | Unreviewed | CVE-2026-53874 was published Jun 17, 2026

picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the...
Critical | Unreviewed | CVE-2026-3490 was published Jun 17, 2026

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper...
Critical | Unreviewed | CVE-2026-36418 was published Jun 17, 2026

picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to...
Critical | Unreviewed | CVE-2026-53873 was published Jun 17, 2026

picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote...
Critical | Unreviewed | CVE-2025-71323 was published Jun 17, 2026

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute...
Critical | Unreviewed | CVE-2026-20181 was published Jun 17, 2026

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and...
Critical | Unreviewed | CVE-2026-42055 was published Jun 17, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2026-54812 was published Jun 17, 2026

NGINX Open Source has a vulnerability in the ngx_http_v3_module module. When NGINX Open Source is...
Critical | Unreviewed | CVE-2026-42530 was published Jun 17, 2026

picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers...
Critical | Unreviewed | CVE-2025-71321 was published Jun 17, 2026

The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 ...
Critical | Unreviewed | CVE-2026-55743 was published Jun 17, 2026

picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and...
Critical | Unreviewed | CVE-2025-71320 was published Jun 17, 2026

picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when...
Critical | Unreviewed | CVE-2025-71325 was published Jun 17, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2026-54808 was published Jun 17, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2026-54815 was published Jun 17, 2026
ProTip! Advisories are also available from the GraphQL API.