GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,407
Composer 5,538
Erlang 49
GitHub Actions 49
Go 3,405
Maven 6,358
npm 5,578
NuGet 882
pip 4,641
Pub 13
RubyGems 1,026
Rust 1,209
Swift 53

Unreviewed advisories

All unreviewed 296,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,562 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object... Critical Unreviewed

CVE-2026-25429 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart... Critical Unreviewed

CVE-2026-25447 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll... Critical Unreviewed

CVE-2026-27044 was published Mar 25, 2026

Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This... Critical Unreviewed

CVE-2026-27051 was published Mar 25, 2026

Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly... Critical Unreviewed

CVE-2026-27071 was published Mar 25, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core... Critical Unreviewed

CVE-2026-27049 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-25377 was published Mar 25, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad... Critical Unreviewed

CVE-2026-25366 was published Mar 25, 2026

Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery... Critical Unreviewed

CVE-2026-25345 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar... Critical Unreviewed

CVE-2026-24378 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object... Critical Unreviewed

CVE-2026-25032 was published Mar 25, 2026

Incorrect Privilege Assignment vulnerability in Elated-Themes Search & Go searchgo allows... Critical Unreviewed

CVE-2026-24971 was published Mar 25, 2026

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege... Critical Unreviewed

CVE-2026-24968 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-24993 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs... Critical Unreviewed

CVE-2026-24989 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in park_of_ideas Goldish goldish allows Object... Critical Unreviewed

CVE-2026-25030 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in park_of_ideas Tasty Daily tastydaily allows... Critical Unreviewed

CVE-2026-25031 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in park_of_ideas KIDZ kidz allows Object... Critical Unreviewed

CVE-2026-25029 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-25340 was published Mar 25, 2026

Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker /... Critical Unreviewed

CVE-2026-25035 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in axiomthemes m2 | Construction and Tools Store... Critical Unreviewed

CVE-2026-22500 was published Mar 25, 2026

Deserialization of Untrusted Data vulnerability in AncoraThemes Beelove beelove allows Object... Critical Unreviewed

CVE-2026-22507 was published Mar 25, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-22484 was published Mar 25, 2026

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in... Critical Unreviewed

CVE-2025-32991 was published Mar 25, 2026

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables... Critical Unreviewed

CVE-2025-59706 was published Mar 25, 2026

Previous 1…6…400 Next

Previous 1 2 3 4 5 6 7 8 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,562 advisories