Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

625 advisories

Loading
The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against... Critical Unreviewed
CVE-2026-50086 was published Jun 12, 2026
Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache... Moderate Unreviewed
CVE-2026-40996 was published Jun 11, 2026
During an internal security assessment, a potential vulnerability was discovered in some ThinkPad... High Unreviewed
CVE-2025-10237 was published Jun 10, 2026
A vulnerability has been found in yoanbernabeu grepai 0.35.0. This issue affects some unknown... Low Unreviewed
CVE-2026-11479 was published Jun 8, 2026
A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the... Low Unreviewed
CVE-2026-11481 was published Jun 8, 2026
A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the... Low Unreviewed
CVE-2026-11330 was published Jun 5, 2026
A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the... Low Unreviewed
CVE-2026-11329 was published Jun 5, 2026
A flaw has been found in LMCache up to 0.4.6. This affects the function hex_hash_to_int16 of the... Low Unreviewed
CVE-2026-10813 was published Jun 4, 2026
A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects... Low Unreviewed
CVE-2026-10814 was published Jun 4, 2026
A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the... Low Unreviewed
CVE-2026-10812 was published Jun 4, 2026
A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data... Low Unreviewed
CVE-2026-10803 was published Jun 4, 2026
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the... Low Unreviewed
CVE-2026-10804 was published Jun 4, 2026
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is... Low Unreviewed
CVE-2026-10800 was published Jun 4, 2026
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the... Low Unreviewed
CVE-2026-10801 was published Jun 4, 2026
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function... Low Unreviewed
CVE-2026-10783 was published Jun 4, 2026
A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils... Low Unreviewed
CVE-2026-10766 was published Jun 3, 2026
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication... High Unreviewed
CVE-2026-36609 was published Jun 3, 2026
Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM)... Moderate Unreviewed
CVE-2026-49323 was published May 29, 2026
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) a Use of a Broken or Risky Cryptographic... Moderate Unreviewed
CVE-2025-46371 was published May 26, 2026
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which... High Unreviewed
CVE-2026-44053 was published May 21, 2026
HAXcms: Private Key Disclosure via Broken HMAC Implementation Critical
CVE-2026-46395 was published for @haxtheweb/haxcms-nodejs (npm) May 19, 2026
shreyas-challa Credited to shreyas-challa
Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens Moderate
CVE-2026-45701 was published for sulu/sulu (Composer) May 18, 2026
gangadhar-s-k Credited to gangadhar-s-k, mamazu, alexander-schranz, and Prokyonn mamazu mamazu
alexander-schranz alexander-schranz Prokyonn Prokyonn
A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the... Moderate Unreviewed
CVE-2026-8803 was published May 18, 2026
Insecure generation of credentials in the local SAT (Technical Support) access functionality of... Critical Unreviewed
CVE-2026-8072 was published May 12, 2026
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow... High Unreviewed
CVE-2026-6411 was published May 8, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database