Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,430
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,680
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

269 advisories

Loading
Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the... Unknown Unreviewed
CVE-2026-39709 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 |... Unknown Unreviewed
CVE-2026-39711 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy... Unknown Unreviewed
CVE-2026-39586 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in sunshinephotocart Sunshine... Unknown Unreviewed
CVE-2026-39564 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for... Unknown Unreviewed
CVE-2026-39542 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting... Unknown Unreviewed
CVE-2026-39570 was published Apr 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History... Unknown Unreviewed
CVE-2026-39473 was published Apr 8, 2026
openssl-encrypt's readiness endpoint leaks database error details to unauthenticated callers Moderate
GHSA-2vhw-q7vh-7xv2 was published for openssl-encrypt (pip) Apr 1, 2026
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could... High Unreviewed
CVE-2026-20151 was published Apr 1, 2026
Exposure of sensitive information in the users MFA feature in Devolutions Server allows users... Moderate Unreviewed
CVE-2026-4927 was published Apr 1, 2026
Happy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookies High
CVE-2026-34226 was published for happy-dom (npm) Mar 29, 2026
r74tech Credited to r74tech
Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp... High Unreviewed
CVE-2026-32538 was published Mar 25, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi Contact Form by... Moderate Unreviewed
CVE-2026-25339 was published Mar 25, 2026
lz4_flex's decompression can leak information from uninitialized memory or reused output buffer High
CVE-2026-32829 was published for lz4_flex (Rust) Mar 16, 2026
Marcono1234 Credited to Marcono1234
Mattermost fails to preserve the redacted state of burn-on-read posts during deletion Moderate
CVE-2026-2578 was published for github.com/mattermost/mattermost-server (Go) Mar 16, 2026
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate... High Unreviewed
CVE-2025-11500 was published Mar 16, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage... Moderate Unreviewed
CVE-2026-32354 was published Mar 13, 2026
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0... Moderate Unreviewed
CVE-2025-14483 was published Mar 13, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows... High Unreviewed
CVE-2026-27370 was published Mar 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my... High Unreviewed
CVE-2026-27406 was published Mar 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing... Moderate Unreviewed
CVE-2026-23546 was published Mar 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Roland Murg WP Booking System... Moderate Unreviewed
CVE-2025-68515 was published Mar 5, 2026
Fleet: Sensitive Google Calendar credentials disclosed to low-privileged users High
CVE-2026-27465 was published for github.com/fleetdm/fleet/v4 (Go) Feb 26, 2026
prateek-0490 Credited to prateek-0490
Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon... Moderate Unreviewed
CVE-2026-28131 was published Feb 26, 2026
HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at... Low Unreviewed
CVE-2026-1694 was published Feb 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database