Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

3,546 advisories

Loading
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-2470 was published Jun 13, 2026
An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with... Moderate Unreviewed
CVE-2026-54398 was published Jun 13, 2026
OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch... High Unreviewed
CVE-2026-53834 was published Jun 13, 2026
OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command... High Unreviewed
CVE-2026-53828 was published Jun 13, 2026
OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu... Low Unreviewed
CVE-2026-53835 was published Jun 13, 2026
File Browser has incorrect access control for public directory shares via rule path rebasing High
CVE-2026-54091 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
hacdias Credited to hacdias
An incorrect visibility condition in the MISP event template builder allowed authenticated non... Moderate Unreviewed
CVE-2026-54362 was published Jun 12, 2026
An incorrect authorization vulnerability in MISP allows an organization administrator to target... High Unreviewed
CVE-2026-54358 was published Jun 12, 2026
A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event... Moderate Unreviewed
CVE-2026-54397 was published Jun 12, 2026
MCP Server Kubernetes: Tool Access Control Bypass via Presentation-Layer Filtering Without Execution-Layer Enforcement High
CVE-2026-46519 was published for mcp-server-kubernetes (npm) May 21, 2026
axsharma Credited to axsharma and 0xmagic0 0xmagic0 0xmagic0
Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16... Moderate Unreviewed
CVE-2026-6739 was published Jun 12, 2026
The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the... High Unreviewed
CVE-2026-45831 was published Jun 12, 2026
Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16... High Unreviewed
CVE-2026-7387 was published Jun 12, 2026
Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL High
CVE-2026-48152 was published for @budibase/server (npm) Jun 12, 2026
An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote... High Unreviewed
CVE-2026-24724 was published Jun 10, 2026
Chisel has an ACL Bypass via Post-Handshake SSH Channel ExtraData Injection High
CVE-2026-48113 was published for github.com/jpillora/chisel (Go) Jun 12, 2026
mzfr Credited to mzfr
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update... High Unreviewed
CVE-2026-47102 was published May 21, 2026
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to... High Unreviewed
CVE-2026-47101 was published May 21, 2026
OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive... High Unreviewed
CVE-2026-53807 was published Jun 11, 2026
OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop... Moderate Unreviewed
CVE-2026-53808 was published Jun 11, 2026
DevGuard has improper authorization on public assets High
CVE-2026-48089 was published for github.com/l3montree-dev/devguard (Go) Jun 11, 2026
philipflohr Credited to philipflohr
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8,... Low Unreviewed
CVE-2026-3553 was published Jun 11, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18... Moderate Unreviewed
CVE-2026-6277 was published Jun 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8,... Moderate Unreviewed
CVE-2026-6269 was published Jun 11, 2026
A flaw was found in Keycloak. An authenticated user with existing organization membership can... Moderate Unreviewed
CVE-2026-9791 was published May 28, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database