Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

160,669 advisories

Loading
The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2026-1291 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-2470 was published Jun 13, 2026
The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag'... Moderate Unreviewed
CVE-2026-9629 was published Jun 13, 2026
The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-9134 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3297 was published Jun 13, 2026
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity... Moderate Unreviewed
CVE-2026-11769 was published Jun 13, 2026
The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-12089 was published Jun 13, 2026
A content injection vulnerability was found in the ABRT post-create event handler scripts in... Moderate Unreviewed
CVE-2026-54231 was published Jun 13, 2026
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks... Moderate Unreviewed
CVE-2026-53839 was published Jun 13, 2026
OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event... Moderate Unreviewed
CVE-2026-53837 was published Jun 13, 2026
An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with... Moderate Unreviewed
CVE-2026-54398 was published Jun 13, 2026
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2026-11443 was published Jun 13, 2026
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection... Moderate Unreviewed
CVE-2026-53838 was published Jun 13, 2026
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage... Moderate Unreviewed
CVE-2026-53867 was published Jun 13, 2026
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2026-11442 was published Jun 13, 2026
OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action... Moderate Unreviewed
CVE-2026-53827 was published Jun 13, 2026
OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing... Moderate Unreviewed
CVE-2026-53830 was published Jun 13, 2026
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file... Moderate Unreviewed
CVE-2025-7019 was published Jun 13, 2026
OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP... Moderate Unreviewed
CVE-2026-53820 was published Jun 13, 2026
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed... Moderate Unreviewed
CVE-2025-7018 was published Jun 13, 2026
OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked... Moderate Unreviewed
CVE-2026-53824 was published Jun 13, 2026
Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a... Moderate Unreviewed
CVE-2025-7010 was published Jun 13, 2026
Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows... Moderate Unreviewed
CVE-2025-7006 was published Jun 13, 2026
Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file... Moderate Unreviewed
CVE-2025-7005 was published Jun 13, 2026
File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames Moderate
CVE-2026-54093 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
hacdias Credited to hacdias
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database