GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
953 advisories
WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that...
High, Unreviewed. CVE-2016-20075 was published Jun 15, 2026.

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect...
High, Unreviewed. CVE-2026-34023 was published Jun 15, 2026.

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command...
High, Unreviewed. CVE-2026-53828 was published Jun 13, 2026.

OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch...
High, Unreviewed. CVE-2026-53834 was published Jun 13, 2026.

An incorrect authorization vulnerability in MISP allows an organization administrator to target...
High, Unreviewed. CVE-2026-54358 was published Jun 12, 2026.

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16...
High, Unreviewed. CVE-2026-7387 was published Jun 12, 2026.

The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the...
High, Unreviewed. CVE-2026-45831 was published Jun 12, 2026.

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive...
High, Unreviewed. CVE-2026-53807 was published Jun 11, 2026.

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation...
High, Unreviewed. CVE-2026-53738 was published Jun 11, 2026.

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote...
High, Unreviewed. CVE-2026-24724 was published Jun 10, 2026.

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization...
High, Unreviewed. CVE-2026-47929 was published Jun 9, 2026.

Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
High, Unreviewed. CVE-2026-45490 was published Jun 9, 2026.

A flaw was found in Keycloak. A limited administrator can exploit an improper access control...
High, Unreviewed. CVE-2026-11577 was published Jun 8, 2026.

A logic error in the MISP CRUD component delete handler allowed validation failures to be...
High, Unreviewed. CVE-2026-10860 was published Jun 4, 2026.

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.
High, Unreviewed. CVE-2025-14774 was published Jun 3, 2026.

In version 3.6.19 of prefecthq/prefect, an authentication bypass vulnerability exists due to the...
High, Unreviewed. CVE-2026-3514 was published Jun 2, 2026.

In multiple locations, there is a possible background activity launch due to a missing permission...
High, Unreviewed. CVE-2025-32348 was published Jun 2, 2026.

OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route...
High, Unreviewed. CVE-2026-35674 was published May 29, 2026.

Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business...
High, Unreviewed. CVE-2026-46823 was published May 28, 2026.

The affected products insufficiently verify authorization when deleting user accounts. An...
High, Unreviewed. CVE-2026-8046 was published May 26, 2026.

Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that...
High, Unreviewed. CVE-2018-25353 was published May 26, 2026.

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in...
High, Unreviewed. CVE-2026-6406 was published May 26, 2026.

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment...
High, Unreviewed. CVE-2026-8350 was published May 21, 2026.

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update...
High, Unreviewed. CVE-2026-47102 was published May 21, 2026.

LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to...
High, Unreviewed. CVE-2026-47101 was published May 21, 2026.
ProTip! Advisories are also available from the GraphQL API.