GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,477 advisories
Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced...
High | Unreviewed | CVE-2026-54816 was published Jun 17, 2026
Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.
High | Unreviewed | CVE-2026-49113 was published Jun 17, 2026
Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft ...
High | Unreviewed | CVE-2026-46851 was published Jun 17, 2026
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful...
High | Unreviewed | CVE-2026-24155 was published Jun 16, 2026
Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring...
High | Unreviewed | CVE-2026-11860 was published Jun 15, 2026
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an...
High | Unreviewed | CVE-2026-47292 was published Jun 9, 2026
Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an...
High | Unreviewed | CVE-2026-45583 was published Jun 9, 2026
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote...
High | Unreviewed | CVE-2026-11688 was published Jun 9, 2026
OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability...
High | Unreviewed | CVE-2026-25856 was published Jun 8, 2026
Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(),...
High | Unreviewed | CVE-2026-49493 was published Jun 5, 2026
Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53...
High | Unreviewed | CVE-2026-11231 was published Jun 5, 2026
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to...
High | Unreviewed | CVE-2026-10928 was published Jun 5, 2026
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
High | Unreviewed | CVE-2026-1829 was published Jun 2, 2026
Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote...
High | Unreviewed | CVE-2026-9976 was published May 29, 2026
Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote...
High | Unreviewed | CVE-2026-9938 was published May 29, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37712 was published May 27, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37711 was published May 27, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37713 was published May 27, 2026
The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions...
High | Unreviewed | CVE-2026-6169 was published May 27, 2026
The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin...
High | Unreviewed | CVE-2026-8832 was published May 27, 2026
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in...
High | Unreviewed | CVE-2026-8855 was published May 26, 2026
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM...
High | Unreviewed | CVE-2026-9170 was published May 26, 2026
OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2026-42785 was published May 26, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com...
High | Unreviewed | CVE-2026-24937 was published May 26, 2026
Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives...
High | Unreviewed | CVE-2026-46586 was published May 19, 2026
ProTip! Advisories are also available from the GraphQL API