GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,470 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2026-39494 was published Jun 12, 2026

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that...
Critical | Unreviewed | CVE-2026-49973 was published Jun 11, 2026

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its...
Critical | Unreviewed | CVE-2026-45177 was published Jun 11, 2026

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as...
Critical | Unreviewed | CVE-2026-41005 was published Jun 11, 2026

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS...
Critical | Unreviewed | CVE-2026-9648 was published Jun 11, 2026

Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information...
Critical | Unreviewed | CVE-2026-11839 was published Jun 11, 2026

SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote...
Critical | Unreviewed | CVE-2026-38581 was published Jun 11, 2026

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC...
Critical | Unreviewed | CVE-2026-7852 was published Jun 11, 2026

A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on...
Critical | Unreviewed | CVE-2026-4764 was published Jun 11, 2026

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
Critical | Unreviewed | CVE-2026-35273 was published Jun 11, 2026

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric...
Critical | Unreviewed | CVE-2026-50638 was published Jun 10, 2026

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below...
Critical | Unreviewed | CVE-2026-20253 was published Jun 10, 2026

A flaw was found in migration-planner. A remote authenticated attacker could exploit this...
Critical | Unreviewed | CVE-2026-53474 was published Jun 10, 2026

A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer...
Critical | Unreviewed | CVE-2026-53475 was published Jun 10, 2026

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access...
Critical | Unreviewed | CVE-2026-53470 was published Jun 10, 2026

A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by...
Critical | Unreviewed | CVE-2026-53469 was published Jun 10, 2026

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same...
Critical | Unreviewed | CVE-2026-53476 was published Jun 10, 2026

A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens (JWTs)...
Critical | Unreviewed | CVE-2026-53471 was published Jun 10, 2026

The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up...
Critical | Unreviewed | CVE-2025-6254 was published Jun 10, 2026

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user...
Critical | Unreviewed | CVE-2026-9067 was published Jun 10, 2026

QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS...
Critical | Unreviewed | CVE-2025-66276 was published Jun 10, 2026

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated...
Critical | Unreviewed | CVE-2026-44963 was published Jun 10, 2026

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect...
Critical | Unreviewed | CVE-2026-48303 was published Jun 9, 2026

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side...
Critical | Unreviewed | CVE-2026-47938 was published Jun 9, 2026

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation...
Critical | Unreviewed | CVE-2026-47928 was published Jun 9, 2026
ProTip! Advisories are also available from the GraphQL API.