GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,405
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,641
Pub: 13
RubyGems: 1,026
Rust: 1,209
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,562 advisories
An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows...
Critical | Unreviewed | CVE-2026-30286 was published Mar 31, 2026
An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite...
Critical | Unreviewed | CVE-2026-30281 was published Mar 31, 2026
An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers...
Critical | Unreviewed | CVE-2026-30276 was published Mar 31, 2026
In its design for automatic terminal command execution, Sixth offers two options: Execute safe...
Critical | Unreviewed | CVE-2026-30310 was published Mar 31, 2026
Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability...
Critical | Unreviewed | CVE-2026-30311 was published Mar 31, 2026
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability...
Critical | Unreviewed | CVE-2026-30312 was published Mar 31, 2026
Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability...
Critical | Unreviewed | CVE-2026-30314 was published Mar 31, 2026
OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage...
Critical | Unreviewed | CVE-2026-32917 was published Mar 31, 2026
OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where...
Critical | Unreviewed | CVE-2026-32916 was published Mar 31, 2026
Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret...
Critical | Unreviewed | CVE-2025-15618 was published Mar 31, 2026
SQL injection (SQLi) vulnerability in Umami Software web application through an improperly...
Critical | Unreviewed | CVE-2026-4317 was published Mar 31, 2026
Stored Cross-Site Scripting (XSS) in Teampass versions prior to 3.1.5.16, affecting the password...
Critical | Unreviewed | CVE-2026-3107 was published Mar 31, 2026
Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password...
Critical | Unreviewed | CVE-2026-3106 was published Mar 31, 2026
The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code...
Critical | Unreviewed | CVE-2026-3300 was published Mar 31, 2026
The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template...
Critical | Unreviewed | CVE-2026-4257 was published Mar 31, 2026
Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in...
Critical | Unreviewed | CVE-2026-34714 was published Mar 30, 2026
Syntx's command auto-approval module contains a critical OS command injection vulnerability that...
Critical | Unreviewed | CVE-2026-30305 was published Mar 30, 2026
In its design for automatic terminal command execution, HAI Build Code Generator offers two...
Critical | Unreviewed | CVE-2026-30308 was published Mar 30, 2026
Roo Code's command auto-approval module contains a critical OS command injection vulnerability...
Critical | Unreviewed | CVE-2026-30307 was published Mar 30, 2026
In its design for automatic terminal command execution, SakaDev offers two options: Execute safe...
Critical | Unreviewed | CVE-2026-30306 was published Mar 30, 2026
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability...
Critical | Unreviewed | CVE-2026-30313 was published Mar 30, 2026
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which...
Critical | Unreviewed | CVE-2026-2275 was published Mar 30, 2026
CrewAI does not properly check that Docker is still running during runtime, and will fall back to...
Critical | Unreviewed | CVE-2026-2287 was published Mar 30, 2026
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from...
Critical | Unreviewed | CVE-2026-2286 was published Mar 30, 2026
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory...
Critical | Unreviewed | CVE-2026-30562 was published Mar 30, 2026
ProTip! Advisories are also available from the GraphQL API.