Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

3,602 advisories

Loading
Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary... Critical Unreviewed
CVE-2026-53787 was published Jun 12, 2026
Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services... High Unreviewed
CVE-2026-6211 was published Jun 12, 2026
Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information... Critical Unreviewed
CVE-2026-11839 was published Jun 11, 2026
CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule Critical
CVE-2026-48062 was published for codeigniter4/framework (Composer) Jun 11, 2026
z3moo Credited to z3moo and teebow1e teebow1e teebow1e
Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC... Critical Unreviewed
CVE-2026-7852 was published Jun 11, 2026
The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user... Critical Unreviewed
CVE-2026-9067 was published Jun 10, 2026
An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of... Moderate Unreviewed
CVE-2026-36722 was published Jun 9, 2026
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 ... Moderate Unreviewed
CVE-2025-40808 was published Jun 9, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue... Moderate Unreviewed
CVE-2026-33582 was published Jun 9, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue... Moderate Unreviewed
CVE-2026-34031 was published Jun 9, 2026
WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows... Critical Unreviewed
CVE-2024-58349 was published Jun 8, 2026
WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability... Critical Unreviewed
CVE-2024-58348 was published Jun 8, 2026
The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all... High Unreviewed
CVE-2026-7537 was published Jun 6, 2026
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the... High Unreviewed
CVE-2026-5411 was published Jun 5, 2026
SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the... Moderate Unreviewed
CVE-2026-40548 was published Jun 1, 2026
SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers... High Unreviewed
CVE-2018-25409 was published May 30, 2026
HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers... High Unreviewed
CVE-2018-25388 was published May 29, 2026
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the... High Unreviewed
CVE-2026-39292 was published May 29, 2026
DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged... High Unreviewed
CVE-2026-10072 was published May 29, 2026
DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing... Critical Unreviewed
CVE-2026-10071 was published May 29, 2026
An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of... High Unreviewed
CVE-2026-30761 was published May 28, 2026
The GutenBee – Gutenberg Blocks plugin for WordPress is vulnerable to Arbitrary File Upload in... High Unreviewed
CVE-2026-9227 was published May 28, 2026
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote... High Unreviewed
CVE-2026-9009 was published May 28, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo... Critical Unreviewed
CVE-2026-42748 was published May 27, 2026
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized... Critical Unreviewed
CVE-2026-40412 was published May 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database