Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

1,008 advisories

Loading
A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can... Critical Unreviewed
CVE-2026-50632 was published Jun 12, 2026
A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which... Critical Unreviewed
CVE-2026-50633 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47369 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47367 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47370 was published Jun 12, 2026
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation... Critical Unreviewed
CVE-2026-47928 was published Jun 9, 2026
Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed... Critical Unreviewed
CVE-2026-11697 was published Jun 9, 2026
Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote... Critical Unreviewed
CVE-2026-11659 was published Jun 9, 2026
Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews. Critical
CVE-2026-47430 was published for cordova-plugin-inappbrowser (npm) Jun 8, 2026
NiklasMerz Credited to NiklasMerz
DbGate: Unauthenticated Remote Code Execution via JSON Script Runner Critical
CVE-2026-47668 was published for dbgate-serve (npm) Jun 5, 2026
benharvey-sage Credited to benharvey-sage
Insufficient validation of untrusted input in Autofill in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11207 was published Jun 5, 2026
Insufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827... Critical Unreviewed
CVE-2026-11213 was published Jun 5, 2026
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11198 was published Jun 5, 2026
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11146 was published Jun 5, 2026
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11095 was published Jun 5, 2026
Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a... Critical Unreviewed
CVE-2026-11119 was published Jun 5, 2026
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149... Critical Unreviewed
CVE-2026-11120 was published Jun 5, 2026
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11113 was published Jun 5, 2026
Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0... Critical Unreviewed
CVE-2026-11112 was published Jun 5, 2026
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11066 was published Jun 5, 2026
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149... Critical Unreviewed
CVE-2026-11070 was published Jun 5, 2026
Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to... Critical Unreviewed
CVE-2026-11056 was published Jun 5, 2026
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0... Critical Unreviewed
CVE-2026-11063 was published Jun 5, 2026
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to... Critical Unreviewed
CVE-2026-11029 was published Jun 5, 2026
Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a... Critical Unreviewed
CVE-2026-11047 was published Jun 5, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database