Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
975
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

106 advisories

Loading
Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11122 was published Jun 5, 2026
Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53... Moderate Unreviewed
CVE-2026-11127 was published Jun 5, 2026
A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5.... Moderate Unreviewed
CVE-2026-28914 was published May 11, 2026
MantisBT has a Content Security Policy bypass via attachments High
CVE-2026-40597 was published for mantisbt/mantisbt (Composer) May 11, 2026
siunam321 Credited to siunam321 and dregad dregad dregad
Ella Core has handover failures during concurrent Security Mode Command Low
CVE-2026-44474 was published for github.com/ellanetworks/core (Go) May 11, 2026
SJNA0414 Credited to SJNA0414, ICSR-KMU, and bradypus404 ICSR-KMU ICSR-KMU
bradypus404 bradypus404
Ella Core has a UE Security Capability bypass on NGAP PathSwitchRequest Moderate
CVE-2026-44475 was published for github.com/ellanetworks/core (Go) May 11, 2026
SJNA0414 Credited to SJNA0414, bradypus404, and ICSR-KMU bradypus404 bradypus404
ICSR-KMU ICSR-KMU
Ella Core Vulnerable to UE Downlink Redirection via Forged PDUSessionResourceSetupResponse High
CVE-2026-44473 was published for github.com/ellanetworks/core (Go) May 11, 2026
SJNA0414 Credited to SJNA0414, ICSR-KMU, and bradypus404 ICSR-KMU ICSR-KMU
bradypus404 bradypus404
Free5GC AMF has Missing Concurrent NAS SMC Validation During NGAP Handover Low
CVE-2026-42082 was published for github.com/free5gc/amf (Go) May 7, 2026
SJNA0414 Credited to SJNA0414, ICSR-KMU, and bradypus404 ICSR-KMU ICSR-KMU
bradypus404 bradypus404
Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest Moderate
CVE-2026-42081 was published for github.com/free5gc/amf (Go) May 7, 2026
SJNA0414 Credited to SJNA0414, ICSR-KMU, and bradypus404 ICSR-KMU ICSR-KMU
bradypus404 bradypus404
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due... Low Unreviewed
CVE-2025-31983 was published May 6, 2026
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the... Moderate Unreviewed
CVE-2025-31970 was published May 6, 2026
A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an... Moderate Unreviewed
CVE-2026-22618 was published Apr 16, 2026
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote... Moderate Unreviewed
CVE-2026-5894 was published Apr 9, 2026
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions,... Low Unreviewed
CVE-2026-35679 was published Apr 6, 2026
In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine... Moderate Unreviewed
CVE-2026-2645 was published Mar 19, 2026
Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more... Moderate Unreviewed
CVE-2026-25315 was published Feb 19, 2026
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during... Moderate Unreviewed
CVE-2025-13333 was published Feb 18, 2026
Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens High
CVE-2026-1486 was published for org.keycloak:keycloak-services (Maven) Feb 9, 2026
eminaktas Credited to eminaktas
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The... Moderate Unreviewed
CVE-2025-66607 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... Moderate Unreviewed
CVE-2025-66601 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... High Unreviewed
CVE-2025-66600 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The... Low Unreviewed
CVE-2025-66603 was published Feb 9, 2026
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar... Critical Unreviewed
CVE-2025-69234 was published Dec 30, 2025
BullWall Ransomware Containment relies on the number of file modifications to trigger detection.... Moderate Unreviewed
CVE-2025-62002 was published Dec 18, 2025
Vulnerability of improper criterion security check in the card module. Impact: Successful... Moderate Unreviewed
CVE-2025-66323 was published Dec 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database