GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 42
GitHub Actions: 43
Go: 3,153
Maven: 5,000+
npm: 5,000+
NuGet: 861
pip: 4,451
Pub: 12
RubyGems: 991
Rust: 1,179
Swift: 50

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,290 advisories
The Honeywell IQ4x building management controller, exposes its full web-based HMI without...
Critical, Unreviewed. CVE-2026-3611 was published Mar 12, 2026

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the...
Critical, Unreviewed. CVE-2026-26793 was published Mar 12, 2026

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+,...
Critical, Unreviewed. CVE-2026-28252 was published Mar 12, 2026

A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres...
Critical, Unreviewed. CVE-2026-21708 was published Mar 12, 2026

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on...
Critical, Unreviewed. CVE-2026-21669 was published Mar 12, 2026

A vulnerability allowing an authenticated user with the Backup Administrator role to perform...
Critical, Unreviewed. CVE-2026-21671 was published Mar 12, 2026

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on...
Critical, Unreviewed. CVE-2026-21666 was published Mar 12, 2026

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on...
Critical, Unreviewed. CVE-2026-21667 was published Mar 12, 2026

Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote...
Critical, Unreviewed. CVE-2026-3916 was published Mar 12, 2026

Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0...
Critical, Unreviewed. CVE-2025-66956 was published Mar 11, 2026

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta...
Critical, Unreviewed. CVE-2025-70041 was published Mar 11, 2026

An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command...
Critical, Unreviewed. CVE-2025-70024 was published Mar 11, 2026

SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows...
Critical, Unreviewed. CVE-2019-25487 was published Mar 11, 2026

FileThingie 2.5.7 contains an arbitrary file upload vulnerability that allows attackers to upload...
Critical, Unreviewed. CVE-2019-25471 was published Mar 11, 2026

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows...
Critical, Unreviewed. CVE-2019-25468 was published Mar 11, 2026

Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL)...
Critical, Unreviewed. CVE-2018-25159 was published Mar 11, 2026

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client...
Critical, Unreviewed. CVE-2025-67041 was published Mar 11, 2026

An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and...
Critical, Unreviewed. CVE-2025-70082 was published Mar 11, 2026

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages...
Critical, Unreviewed. CVE-2025-67039 was published Mar 11, 2026

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are...
Critical, Unreviewed. CVE-2025-67035 was published Mar 11, 2026

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell...
Critical, Unreviewed. CVE-2025-67038 was published Mar 11, 2026

A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers...
Critical, Unreviewed. CVE-2026-30741 was published Mar 11, 2026

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6...
Critical, Unreviewed. CVE-2026-30903 was published Mar 11, 2026

IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated...
Critical, Unreviewed. CVE-2026-3826 was published Mar 11, 2026

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an...
Critical, Unreviewed. CVE-2026-24448 was published Mar 11, 2026

ProTip! Advisories are also available from the GraphQL API.