GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
141 advisories
OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu...
Low | Unreviewed | CVE-2026-53835 was published Jun 13, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8,...
Low | Unreviewed | CVE-2026-3553 was published Jun 11, 2026

A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero...
Low | Unreviewed | CVE-2026-41852 was published Jun 9, 2026

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared...
Low | Unreviewed | CVE-2026-50266 was published Jun 4, 2026

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid...
Low | Unreviewed | CVE-2026-45426 was published Jun 1, 2026

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that...
Low | Unreviewed | CVE-2026-34507 was published May 29, 2026

OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals...
Low | Unreviewed | CVE-2026-32906 was published May 29, 2026

Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station...
Low | Unreviewed | CVE-2024-47272 was published May 27, 2026

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and...
Low | Unreviewed | CVE-2026-44998 was published May 11, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18...
Low | Unreviewed | CVE-2025-9957 was published Apr 22, 2026

An issue that allowed MCP agents to access certificate information from outside of their...
Low | Unreviewed | CVE-2026-5379 was published Apr 7, 2026

An issue that could expose records outside of the authorized organization scope through the MCP...
Low | Unreviewed | CVE-2026-5382 was published Apr 7, 2026

An issue that could expose task information outside of the authorized organization scope has been...
Low | Unreviewed | CVE-2026-5381 was published Apr 7, 2026

OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams...
Low | Unreviewed | CVE-2026-34509 was published Mar 31, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9...
Low | Unreviewed | CVE-2026-4363 was published Mar 25, 2026

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7...
Low | Unreviewed | CVE-2026-28864 was published Mar 25, 2026

Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the...
Low | Unreviewed | CVE-2026-26230 was published Mar 16, 2026

Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01...
Low | Unreviewed | CVE-2026-1471 was published Mar 11, 2026

Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to...
Low | Unreviewed | CVE-2026-1497 was published Mar 11, 2026

In affected versions of Octopus Server it was possible to create a new API key from an existing...
Low | Unreviewed | CVE-2026-3236 was published Mar 5, 2026

Tanium addressed an improper input validation vulnerability in Tanium Appliance.
Low | Unreviewed | CVE-2025-15321 was published Feb 5, 2026

Tanium addressed an improper access controls vulnerability in Interact.
Low | Unreviewed | CVE-2025-15288 was published Jan 29, 2026

Details: On October 1, 2025, Palantir discovered that images uploaded through the Dossier...
Low | Unreviewed | CVE-2025-62487 was published Jan 10, 2026

A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function...
Low | Unreviewed | CVE-2025-15124 was published Dec 28, 2025

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the...
Low | Unreviewed | CVE-2025-15126 was published Dec 28, 2025
ProTip! Advisories are also available from the GraphQL API.