Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

1,011 advisories

Loading
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink... Critical Unreviewed
CVE-2026-12569 was published Jun 18, 2026
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Critical Unreviewed
CVE-2026-46910 was published Jun 17, 2026
A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP... Critical Unreviewed
CVE-2026-50628 was published Jun 12, 2026
Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews. Critical
CVE-2026-47430 was published for cordova-plugin-inappbrowser (npm) Jun 8, 2026
NiklasMerz Credited to NiklasMerz
A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can... Critical Unreviewed
CVE-2026-50632 was published Jun 12, 2026
A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which... Critical Unreviewed
CVE-2026-50633 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47369 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47370 was published Jun 12, 2026
A malicious actor with access to the network and low privileges could exploit an Improper Input... Critical Unreviewed
CVE-2026-47367 was published Jun 12, 2026
Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to... Critical Unreviewed
CVE-2026-11029 was published Jun 5, 2026
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation... Critical Unreviewed
CVE-2026-47928 was published Jun 9, 2026
Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed... Critical Unreviewed
CVE-2026-11697 was published Jun 9, 2026
Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote... Critical Unreviewed
CVE-2026-11659 was published Jun 9, 2026
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827... Critical Unreviewed
CVE-2026-11021 was published Jun 5, 2026
Picklescan Bypass is Possible via File Extension Mismatch Critical
CVE-2025-10155 was published for picklescan (pip) Sep 10, 2025
Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a... Critical Unreviewed
CVE-2026-11119 was published Jun 5, 2026
Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0... Critical Unreviewed
CVE-2026-11112 was published Jun 5, 2026
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11146 was published Jun 5, 2026
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149... Critical Unreviewed
CVE-2026-11120 was published Jun 5, 2026
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11113 was published Jun 5, 2026
Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to... Critical Unreviewed
CVE-2026-11056 was published Jun 5, 2026
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0... Critical Unreviewed
CVE-2026-11063 was published Jun 5, 2026
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11066 was published Jun 5, 2026
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote... Critical Unreviewed
CVE-2026-10966 was published Jun 5, 2026
Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0... Critical Unreviewed
CVE-2026-10971 was published Jun 5, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database