GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 47
Go: 3,295
Maven: 5,000+
npm: 5,000+
NuGet: 876
pip: 4,524
Pub: 12
RubyGems: 1,008
Rust: 1,194
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
13,556 advisories
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper...
Low | Unreviewed | CVE-2026-24508 was published Mar 11, 2026
A potential vulnerability was reported in the Lenovo FileZ Android application that, under...
Low | Unreviewed | CVE-2026-0520 was published Mar 11, 2026
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access...
Low | Unreviewed | CVE-2026-24509 was published Mar 11, 2026
An edge case in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02...
Low | Unreviewed | CVE-2026-1524 was published Mar 11, 2026
Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01...
Low | Unreviewed | CVE-2026-1471 was published Mar 11, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8...
Low | Unreviewed | CVE-2025-12704 was published Mar 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18...
Low | Unreviewed | CVE-2025-12697 was published Mar 11, 2026
Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to...
Low | Unreviewed | CVE-2026-1497 was published Mar 11, 2026
Anytype Heart's gRPC API client challenge verification can be bypassed on localhost
Low | CVE-2026-31863 was published for github.com/anyproto/anytype-cli (Go) Mar 11, 2026
Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP...
Low | Unreviewed | CVE-2025-70330 was published Mar 11, 2026
Craft CMS Vulnerable to Stored XSS via User Group Name in User Permissions Page
Low | GHSA-g3hp-vvqf-8vw6 was published for craftcms/cms (Composer) Mar 11, 2026
An improper certificate validation vulnerability has been reported to affect Video Station. If an...
Low | Unreviewed | CVE-2024-14024 was published Mar 11, 2026
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains...
Low | Unreviewed | CVE-2024-14025 was published Mar 11, 2026
A command injection vulnerability has been reported to affect several QNAP operating system...
Low | Unreviewed | CVE-2024-14026 was published Mar 11, 2026
Keycloak: Information disclosure of disabled user attributes via administrative endpoint
Low | CVE-2026-3911 was published for org.keycloak:keycloak-services (Maven) Mar 11, 2026
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the...
Low | Unreviewed | CVE-2026-3884 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and...
Low | Unreviewed | CVE-2026-21295 was published Mar 11, 2026
Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within...
Low | Unreviewed | CVE-2025-20073 was published Mar 11, 2026
In VPU, there is a possible use-after-free read due to a race condition. This could lead to local...
Low | Unreviewed | CVE-2026-0121 was published Mar 10, 2026
In Trusted Execution Environment, there is a possible key leak due to side channel information...
Low | Unreviewed | CVE-2026-0115 was published Mar 10, 2026
Vaadin: Specially crafted ZIP archives can escape the intended extraction directory
Low | CVE-2026-2741 was published for com.vaadin:flow-project (Maven) Mar 10, 2026
A NULL Pointer Dereference vulnerability [CWE-476] in Fortinet FortiWeb 8.0.0...
Low | Unreviewed | CVE-2026-24641 was published Mar 10, 2026
An improper restriction of excessive authentication attempts vulnerability in Fortinet...
Low | Unreviewed | CVE-2026-22629 was published Mar 10, 2026
HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames...
Low | Unreviewed | CVE-2026-21791 was published Mar 10, 2026
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4...
Low | Unreviewed | CVE-2025-27769 was published Mar 10, 2026