GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,945
Composer 5,455
Erlang 46
GitHub Actions 48
Go 3,343
Maven 6,345
npm 5,392
NuGet 881
pip 4,550
Pub 12
RubyGems 1,013
Rust 1,203
Swift 51

Unreviewed advisories

All unreviewed 295,569

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

373 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OpenClaw before 2026.3.12 contains an authentication bypass vulnerability in Feishu webhook mode... High Unreviewed

CVE-2026-32974 was published Mar 29, 2026

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... Moderate Unreviewed

CVE-2026-20699 was published Mar 25, 2026

Versions of the package jsrsasign before 11.1.1 are vulnerable to Improper Verification of... Critical Unreviewed

CVE-2026-4600 was published Mar 23, 2026

A condition in ScreenConnect may allow an actor with access to server-level cryptographic... Critical Unreviewed

CVE-2026-3564 was published Mar 17, 2026

Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability.... Moderate Unreviewed

CVE-2026-3562 was published Mar 16, 2026

Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1... Moderate Unreviewed

CVE-2026-20989 was published Mar 16, 2026

HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of... Moderate Unreviewed

CVE-2025-52648 was published Mar 16, 2026

A high-privileged remote attacker can fully compromise the device by abusing an update signature... High Unreviewed

CVE-2025-41767 was published Mar 9, 2026

SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature... Moderate Unreviewed

CVE-2026-2746 was published Mar 4, 2026

SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature... Moderate Unreviewed

CVE-2026-27445 was published Mar 4, 2026

A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function... Moderate Unreviewed

CVE-2025-15598 was published Mar 3, 2026

The system suffers from the absence of a kernel module signature verification. If an attacker can... Moderate Unreviewed

CVE-2025-32060 was published Feb 15, 2026

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with... High Unreviewed

CVE-2026-23687 was published Feb 10, 2026

Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox... High Unreviewed

CVE-2026-0750 was published Jan 28, 2026

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when... Moderate Unreviewed

CVE-2025-15469 was published Jan 27, 2026

IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper... High Unreviewed

CVE-2025-36418 was published Jan 20, 2026

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW... High Unreviewed

CVE-2025-12006 was published Jan 16, 2026

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM... High Unreviewed

CVE-2025-12007 was published Jan 16, 2026

Improper verification of cryptographic signature in Windows Admin Center allows an authorized... High Unreviewed

CVE-2026-20965 was published Jan 13, 2026

Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of... Critical Unreviewed

CVE-2025-15444 was published Jan 6, 2026

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary... Moderate Unreviewed

CVE-2025-68972 was published Dec 28, 2025

Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit... Critical Unreviewed

CVE-2023-53951 was published Dec 19, 2025

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... Low Unreviewed

CVE-2025-43522 was published Dec 12, 2025

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing... Moderate Unreviewed

CVE-2025-43521 was published Dec 12, 2025

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker... Moderate Unreviewed

CVE-2025-59803 was published Dec 11, 2025

Previous1…15 Next

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

373 advisories