Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,049
Maven
5,000+
npm
4,787
NuGet
825
pip
4,384
Pub
12
RubyGems
988
Rust
1,144
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,086 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2026-3010 was published Feb 28, 2026
Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows... Critical Unreviewed
CVE-2026-2844 was published Feb 28, 2026
openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability... Critical Unreviewed
CVE-2026-28517 was published Feb 28, 2026
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability... Critical Unreviewed
CVE-2026-28515 was published Feb 28, 2026
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config... Critical Unreviewed
CVE-2026-28516 was published Feb 28, 2026
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier... Critical Unreviewed
CVE-2026-27755 was published Feb 27, 2026
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials... Critical Unreviewed
CVE-2026-27751 was published Feb 27, 2026
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket... Critical Unreviewed
CVE-2026-2749 was published Feb 27, 2026
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on... Critical Unreviewed
CVE-2026-2750 was published Feb 27, 2026
Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into... Critical Unreviewed
CVE-2025-15498 was published Feb 27, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-11252 was published Feb 27, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-11251 was published Feb 27, 2026
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in... Critical Unreviewed
CVE-2026-2251 was published Feb 27, 2026
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and... Critical Unreviewed
CVE-2025-12981 was published Feb 27, 2026
An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior,... Critical Unreviewed
CVE-2026-21718 was published Feb 27, 2026
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an... Critical Unreviewed
CVE-2026-24663 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-27028 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-27767 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-25851 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-27772 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-20781 was published Feb 27, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform... Critical Unreviewed
CVE-2026-24731 was published Feb 27, 2026
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control... Critical Unreviewed
CVE-2026-22207 was published Feb 26, 2026
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control... Critical Unreviewed
CVE-2025-50857 was published Feb 26, 2026
ServiceNow has addressed a remote code execution vulnerability that was identified in the... Critical Unreviewed
CVE-2026-0542 was published Feb 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database