Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

160,669 advisories

Loading
The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2026-1291 was published Jun 13, 2026
The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag'... Moderate Unreviewed
CVE-2026-9629 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3297 was published Jun 13, 2026
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-2470 was published Jun 13, 2026
The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-9134 was published Jun 13, 2026
Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of... Moderate Unreviewed
CVE-2026-9641 was published Jun 12, 2026
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity... Moderate Unreviewed
CVE-2026-11769 was published Jun 13, 2026
The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-12089 was published Jun 13, 2026
A content injection vulnerability was found in the ABRT post-create event handler scripts in... Moderate Unreviewed
CVE-2026-54231 was published Jun 13, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24165 was published Jun 11, 2026
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43278 was published Jun 11, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-46313 was published Jun 11, 2026
An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with... Moderate Unreviewed
CVE-2026-54398 was published Jun 13, 2026
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2026-11443 was published Jun 13, 2026
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks... Moderate Unreviewed
CVE-2026-53839 was published Jun 13, 2026
OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked... Moderate Unreviewed
CVE-2026-53824 was published Jun 13, 2026
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2026-11442 was published Jun 13, 2026
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection... Moderate Unreviewed
CVE-2026-53838 was published Jun 13, 2026
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file... Moderate Unreviewed
CVE-2025-7019 was published Jun 13, 2026
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed... Moderate Unreviewed
CVE-2025-7018 was published Jun 13, 2026
OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing... Moderate Unreviewed
CVE-2026-53830 was published Jun 13, 2026
OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event... Moderate Unreviewed
CVE-2026-53837 was published Jun 13, 2026
OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action... Moderate Unreviewed
CVE-2026-53827 was published Jun 13, 2026
OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP... Moderate Unreviewed
CVE-2026-53820 was published Jun 13, 2026
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage... Moderate Unreviewed
CVE-2026-53867 was published Jun 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database