GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,407
Composer 5,538
Erlang 49
GitHub Actions 49
Go 3,405
Maven 6,358
npm 5,578
NuGet 882
pip 4,641
Pub 13
RubyGems 1,026
Rust 1,209
Swift 53

Unreviewed advisories

All unreviewed 296,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,562 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote... Critical Unreviewed

CVE-2026-27876 was published Mar 27, 2026

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to... Critical Unreviewed

CVE-2026-30457 was published Mar 26, 2026

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset... Critical Unreviewed

CVE-2026-30458 was published Mar 26, 2026

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an... Critical Unreviewed

CVE-2026-4809 was published Mar 26, 2026

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up... Critical Unreviewed

CVE-2026-4484 was published Mar 26, 2026

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. ... Critical Unreviewed

CVE-2014-125112 was published Mar 26, 2026

An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to... Critical Unreviewed

CVE-2025-70888 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio... Critical Unreviewed

CVE-2026-32573 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-32539 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads... Critical Unreviewed

CVE-2026-32536 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production... Critical Unreviewed

CVE-2026-32512 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-32499 was published Mar 25, 2026

Incorrect Privilege Assignment vulnerability in Andrew Munro / AffiliateWP RewardsWP rewardswp... Critical Unreviewed

CVE-2026-32520 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic... Critical Unreviewed

CVE-2026-32523 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr... Critical Unreviewed

CVE-2026-32524 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters... Critical Unreviewed

CVE-2026-32525 was published Mar 25, 2026

Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege... Critical Unreviewed

CVE-2026-32519 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object... Critical Unreviewed

CVE-2026-27084 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object... Critical Unreviewed

CVE-2026-27082 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel... Critical Unreviewed

CVE-2026-27083 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat... Critical Unreviewed

CVE-2026-27095 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-31920 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload... Critical Unreviewed

CVE-2026-32482 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing... Critical Unreviewed

CVE-2026-32502 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll... Critical Unreviewed

CVE-2026-27044 was published Mar 25, 2026

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,562 advisories