GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 31,787
Composer 5,986
Erlang 73
GitHub Actions 53
Go 4,029
Maven 6,658
npm 6,516
NuGet 976
pip 5,380
Pub 13
RubyGems 1,070
Rust 1,404
Swift 61

Unreviewed advisories

All unreviewed 309,116

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

279 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-34033 was published Jun 9, 2026

A reflected cross-site scripting issue exists in URL handling. Moderate Unreviewed

CVE-2026-9646 was published May 28, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39642 was published May 26, 2026

The GDPR cookies module for Backdrop CMS (before 1.x-1.3.5) doesn't sufficiently protect... Low Unreviewed

CVE-2025-71310 was published May 26, 2026

The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-15345 was published May 14, 2026

WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated... Moderate Unreviewed

CVE-2021-47948 was published May 10, 2026

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in... High Unreviewed

CVE-2026-6002 was published May 7, 2026

HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the... Low Unreviewed

CVE-2025-59854 was published May 6, 2026

Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a... Moderate Unreviewed

CVE-2026-1564 was published Apr 16, 2026

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have... Moderate Unreviewed

CVE-2026-20170 was published Apr 15, 2026

A HTML Injection vulnerability exists in the Dashboard module of Vtiger CRM 8.4.0. The... Moderate Unreviewed

CVE-2026-26460 was published Apr 13, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39712 was published Apr 8, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39628 was published Apr 8, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39629 was published Apr 8, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39626 was published Apr 8, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39625 was published Apr 8, 2026

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39837 was published Apr 7, 2026

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39839 was published Apr 7, 2026

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-39841 was published Apr 7, 2026

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could... Moderate Unreviewed

CVE-2025-66486 was published Apr 2, 2026

An attacker might be able to inject HTML content into the internal web dashboard by sending... Low Unreviewed

CVE-2026-0396 was published Mar 31, 2026

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-1834 was published Mar 31, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9... High Unreviewed

CVE-2026-2995 was published Mar 25, 2026

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security... Moderate Unreviewed

CVE-2026-20070 was published Mar 4, 2026

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2026-28132 was published Feb 26, 2026

Previous1…12 Next

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

279 advisories