GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,786 advisories
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This...
  Critical | Unreviewed | CVE-2026-9256 was published May 26, 2026
Nur-Alam39 bus-ticket (no released versions; latest commit...
  Critical | Unreviewed | CVE-2026-55740 was published Jun 18, 2026
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink...
  Critical | Unreviewed | CVE-2026-12569 was published Jun 18, 2026
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to...
  Critical | Unreviewed | CVE-2026-47643 was published Jun 9, 2026
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
  Critical | Unreviewed | CVE-2026-46964 was published Jun 17, 2026
Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple...
  Critical | Unreviewed | CVE-2026-54388 was published Jun 17, 2026
Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length...
  Critical | Unreviewed | CVE-2026-54387 was published Jun 17, 2026
Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey...
  Critical | Unreviewed | CVE-2026-55196 was published Jun 17, 2026
libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in...
  Critical | Unreviewed | CVE-2026-55200 was published Jun 17, 2026
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
  Critical | Unreviewed | CVE-2026-46963 was published Jun 17, 2026
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite ...
  Critical | Unreviewed | CVE-2026-46949 was published Jun 17, 2026
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component:...
  Critical | Unreviewed | CVE-2026-46789 was published Jun 17, 2026
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal...
  Critical | Unreviewed | CVE-2026-46945 was published Jun 17, 2026
In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate...
  Critical | Unreviewed | CVE-2026-45389 was published Jun 15, 2026
Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152.
  Critical | Unreviewed | CVE-2026-12293 was published Jun 16, 2026
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles...
  Critical | Unreviewed | CVE-2026-48907 was published Jun 5, 2026
picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote...
  Critical | Unreviewed | CVE-2025-71323 was published Jun 17, 2026
picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated...
  Critical | Unreviewed | CVE-2026-53874 was published Jun 17, 2026
A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute...
  Critical | Unreviewed | CVE-2026-20181 was published Jun 17, 2026
JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper...
  Critical | Unreviewed | CVE-2026-36418 was published Jun 17, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and...
  Critical | Unreviewed | CVE-2026-42055 was published Jun 17, 2026
NGINX Open Source has a vulnerability in the ngx_http_v3_module module. When NGINX Open Source is...
  Critical | Unreviewed | CVE-2026-42530 was published Jun 17, 2026
picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers...
  Critical | Unreviewed | CVE-2025-71321 was published Jun 17, 2026
The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 ...
  Critical | Unreviewed | CVE-2026-55743 was published Jun 17, 2026
picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when...
  Critical | Unreviewed | CVE-2025-71325 was published Jun 17, 2026
ProTip! Advisories are also available from the GraphQL API.