Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

339,383 advisories

Loading
The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag'... Moderate Unreviewed
CVE-2026-9629 was published Jun 13, 2026
The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites... High Unreviewed
CVE-2026-9109 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3297 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-2470 was published Jun 13, 2026
The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-9134 was published Jun 13, 2026
The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in... Unknown Unreviewed
CVE-2026-9062 was published Jun 13, 2026
The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata... Unknown Unreviewed
CVE-2026-9061 was published Jun 13, 2026
Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of... Moderate Unreviewed
CVE-2026-9641 was published Jun 12, 2026
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity... Moderate Unreviewed
CVE-2026-11769 was published Jun 13, 2026
A symlink following vulnerability was found in the ABRT post-create event handler scripts in... High Unreviewed
CVE-2026-54230 was published Jun 13, 2026
The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-12089 was published Jun 13, 2026
The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query... High Unreviewed
CVE-2026-9848 was published Jun 13, 2026
A content injection vulnerability was found in the ABRT post-create event handler scripts in... Moderate Unreviewed
CVE-2026-54231 was published Jun 13, 2026
A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method.... High Unreviewed
CVE-2026-54229 was published Jun 13, 2026
A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's... High Unreviewed
CVE-2026-54228 was published Jun 13, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24165 was published Jun 11, 2026
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43278 was published Jun 11, 2026
Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a... High Unreviewed
CVE-2025-10101 was published Dec 1, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-46313 was published Jun 11, 2026
An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with... Moderate Unreviewed
CVE-2026-54398 was published Jun 13, 2026
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2026-11443 was published Jun 13, 2026
OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest... High Unreviewed
CVE-2026-53825 was published Jun 13, 2026
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed... High Unreviewed
CVE-2025-9033 was published Jun 13, 2026
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks... Moderate Unreviewed
CVE-2026-53839 was published Jun 13, 2026
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine... High Unreviewed
CVE-2025-14098 was published Jun 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database