GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 975
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+

1,882 advisories

WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that...
High | Unreviewed | CVE-2018-25437 was published Jun 15, 2026

Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register...
High | Unreviewed | CVE-2026-53868 was published Jun 13, 2026

The Aqara Cloud Developer Portal (developer.aqara.com) issued a developer token to any email...
Moderate | Unreviewed | CVE-2026-50082 was published Jun 12, 2026

The Aqara Board service (op-test.aqara.com) accepts arbitrary MQTT command payloads, and forwards...
High | Unreviewed | CVE-2026-50085 was published Jun 12, 2026

Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an...
Moderate | Unreviewed | CVE-2026-8694 was published Jun 12, 2026

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication...
High | Unreviewed | CVE-2026-11848 was published Jun 12, 2026

The authentication mechanism of a certain function in the PcSuite has a defect, which may result...
High | Unreviewed | CVE-2026-11535 was published Jun 12, 2026

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that...
Critical | Unreviewed | CVE-2026-49973 was published Jun 11, 2026

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and...
High | Unreviewed | CVE-2026-50245 was published Jun 11, 2026

Arc: Unauthenticated access to Go debug pprof endpoints leaks runtime state and enables CPU-burn DoS
High | CVE-2026-48050 was published for github.com/basekick-labs/arc (Go) Jun 11, 2026

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
Critical | Unreviewed | CVE-2026-35273 was published Jun 11, 2026

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below...
Critical | Unreviewed | CVE-2026-20253 was published Jun 10, 2026

A missing authentication check on the Aix‑DB "/llm/process_llm_out" endpoint allows...
High | Unreviewed | CVE-2026-8335 was published Jun 10, 2026

During an internal security assessment, a potential vulnerability was discovered in Lenovo...
High | Unreviewed | CVE-2026-9045 was published Jun 10, 2026

A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by...
Critical | Unreviewed | CVE-2026-53469 was published Jun 10, 2026

Missing authentication for critical function in Microsoft PC Manager allows an authorized...
High | Unreviewed | CVE-2026-50512 was published Jun 9, 2026

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a...
Moderate | Unreviewed | CVE-2026-50507 was published Jun 9, 2026

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate...
Critical | Unreviewed | CVE-2026-47281 was published Jun 9, 2026

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated...
Critical | Unreviewed | CVE-2023-54352 was published Jun 8, 2026

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder...
High | Unreviewed | CVE-2023-54350 was published Jun 8, 2026

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A...
Critical | Unreviewed | CVE-2025-71318 was published Jun 5, 2026

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an...
Moderate | Unreviewed | CVE-2026-11238 was published Jun 5, 2026

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run...
High | Unreviewed | CVE-2024-27890 was published Jun 5, 2026

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run...
High | Unreviewed | CVE-2024-27892 was published Jun 5, 2026

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution...
Critical | Unreviewed | CVE-2026-25550 was published Jun 4, 2026