GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,434
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,689
Pub: 13
RubyGems: 1,029
Rust: 1,212
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,588 advisories
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64...
Critical, Unreviewed, CVE-2025-14815 was published Apr 8, 2026

Cleartext Storage of Sensitive Information in GUI vulnerability in Mitsubishi Electric GENESIS64...
Critical, Unreviewed, CVE-2025-14816 was published Apr 8, 2026

Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow...
Critical, Unreviewed, CVE-2026-25776 was published Apr 8, 2026

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due...
Critical, Unreviewed, CVE-2026-3535 was published Apr 8, 2026

The Users manager – PN plugin for WordPress is vulnerable to Privilege Escalation via Arbitrary...
Critical, Unreviewed, CVE-2026-4003 was published Apr 8, 2026

The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up...
Critical, Unreviewed, CVE-2026-3296 was published Apr 8, 2026

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container...
Critical, Unreviewed, CVE-2026-1346 was published Apr 8, 2026

Improper neutralization of input during web page generation ('cross-site scripting')...
Critical, Unreviewed, CVE-2026-39933 was published Apr 8, 2026

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web...
Critical, Unreviewed, CVE-2026-4631 was published Apr 7, 2026

Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the...
Critical, Unreviewed, CVE-2026-23696 was published Apr 7, 2026

A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of...
Critical, Unreviewed, CVE-2026-21413 was published Apr 7, 2026

A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of...
Critical, Unreviewed, CVE-2026-20911 was published Apr 7, 2026

A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw...
Critical, Unreviewed, CVE-2026-20889 was published Apr 7, 2026

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including...
Critical, Unreviewed, CVE-2026-5627 was published Apr 7, 2026

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and...
Critical, Unreviewed, CVE-2026-5734 was published Apr 7, 2026

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed...
Critical, Unreviewed, CVE-2026-5735 was published Apr 7, 2026

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0,...
Critical, Unreviewed, CVE-2026-5731 was published Apr 7, 2026

Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0...
Critical, Unreviewed, CVE-2025-39666 was published Apr 7, 2026

Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code...
Critical, Unreviewed, CVE-2026-22679 was published Apr 7, 2026

Tianxin Internet Behavior Management System contains a command injection vulnerability in the...
Critical, Unreviewed, CVE-2021-4473 was published Apr 7, 2026

In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper...
Critical, Unreviewed, CVE-2026-1114 was published Apr 7, 2026

The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical, Unreviewed, CVE-2026-0740 was published Apr 7, 2026

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos...
Critical, Unreviewed, CVE-2025-54328 was published Apr 6, 2026

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos...
Critical, Unreviewed, CVE-2025-58349 was published Apr 6, 2026

Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in...
Critical, Unreviewed, CVE-2026-35022 was published Apr 6, 2026
ProTip! Advisories are also available from the GraphQL API.