Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,562 advisories

Loading
The command auto-approval module in Axon Code contains an OS Command Injection vulnerability,... Critical Unreviewed
CVE-2026-30303 was published Mar 27, 2026
An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to... Critical Unreviewed
CVE-2026-30457 was published Mar 26, 2026
An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset... Critical Unreviewed
CVE-2026-30458 was published Mar 26, 2026
plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an... Critical Unreviewed
CVE-2026-4809 was published Mar 26, 2026
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. ... Critical Unreviewed
CVE-2014-125112 was published Mar 26, 2026
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up... Critical Unreviewed
CVE-2026-4484 was published Mar 26, 2026
An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to... Critical Unreviewed
CVE-2025-70888 was published Mar 25, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio... Critical Unreviewed
CVE-2026-32573 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production... Critical Unreviewed
CVE-2026-32512 was published Mar 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2026-32499 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege... Critical Unreviewed
CVE-2026-32519 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Andrew Munro / AffiliateWP RewardsWP rewardswp... Critical Unreviewed
CVE-2026-32520 was published Mar 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2026-32539 was published Mar 25, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads... Critical Unreviewed
CVE-2026-32536 was published Mar 25, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic... Critical Unreviewed
CVE-2026-32523 was published Mar 25, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr... Critical Unreviewed
CVE-2026-32524 was published Mar 25, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters... Critical Unreviewed
CVE-2026-32525 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object... Critical Unreviewed
CVE-2026-27084 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object... Critical Unreviewed
CVE-2026-27082 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel... Critical Unreviewed
CVE-2026-27083 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat... Critical Unreviewed
CVE-2026-27095 was published Mar 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2026-31920 was published Mar 25, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload... Critical Unreviewed
CVE-2026-32482 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing... Critical Unreviewed
CVE-2026-32502 was published Mar 25, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro... Critical Unreviewed
CVE-2026-25413 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database