GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,405
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,641
Pub: 13
RubyGems: 1,026
Rust: 1,209
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,562 advisories
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains...
Critical | Unreviewed | CVE-2026-25212 was published Apr 2, 2026

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2026-2699 was published Apr 2, 2026

Authenticated user can upload a malicious file to the server and execute it, which leads to...
Critical | Unreviewed | CVE-2026-2701 was published Apr 2, 2026

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in...
Critical | Unreviewed | CVE-2026-33615 was published Apr 2, 2026

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while...
Critical | Unreviewed | CVE-2026-34873 was published Apr 1, 2026

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is...
Critical | Unreviewed | CVE-2026-34872 was published Apr 1, 2026

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup...
Critical | Unreviewed | CVE-2026-30643 was published Apr 1, 2026

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can...
Critical | Unreviewed | CVE-2026-34875 was published Apr 1, 2026

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an...
Critical | Unreviewed | CVE-2026-20160 was published Apr 1, 2026

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character...
Critical | Unreviewed | CVE-2024-40489 was published Apr 1, 2026

A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3...
Critical | Unreviewed | CVE-2024-43028 was published Apr 1, 2026

A vulnerability in the change password functionality of Cisco Integrated Management Controller ...
Critical | Unreviewed | CVE-2026-20093 was published Apr 1, 2026

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig...
Critical | Unreviewed | CVE-2026-31027 was published Apr 1, 2026

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection...
Critical | Unreviewed | CVE-2026-29014 was published Apr 1, 2026

Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote...
Critical | Unreviewed | CVE-2026-5288 was published Apr 1, 2026

Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker...
Critical | Unreviewed | CVE-2026-5290 was published Apr 1, 2026

The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's...
Critical | Unreviewed | CVE-2025-15484 was published Apr 1, 2026

Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker...
Critical | Unreviewed | CVE-2026-5289 was published Apr 1, 2026

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user...
Critical | Unreviewed | CVE-2025-71279 was published Apr 1, 2026

The MAVLink communication protocol does not require cryptographic authentication by default....
Critical | Unreviewed | CVE-2026-1579 was published Mar 31, 2026

The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows...
Critical | Unreviewed | CVE-2026-3356 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows...
Critical | Unreviewed | CVE-2026-30285 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77...
Critical | Unreviewed | CVE-2026-30282 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows...
Critical | Unreviewed | CVE-2026-30278 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3...
Critical | Unreviewed | CVE-2026-30283 was published Mar 31, 2026
ProTip! Advisories are also available from the GraphQL API