GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,615
Composer 5,561
Erlang 49
GitHub Actions 49
Go 3,436
Maven 6,374
npm 5,656
NuGet 883
pip 4,694
Pub 13
RubyGems 1,029
Rust 1,212
Swift 53

Unreviewed advisories

All unreviewed 297,120

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

11,708 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an... Low Unreviewed

CVE-2026-5847 was published Apr 9, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18... Low Unreviewed

CVE-2026-4916 was published Apr 9, 2026

The WP Fastest Cache plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Low Unreviewed

CVE-2025-10583 was published Dec 12, 2025

The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized... Low Unreviewed

CVE-2025-12958 was published Jan 7, 2026

The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to... Low Unreviewed

CVE-2023-1430 was published Jun 9, 2023

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is... Low Unreviewed

CVE-2024-3073 was published Jun 13, 2024

The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up... Low Unreviewed

CVE-2024-3034 was published Apr 27, 2024

The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup... Low Unreviewed

CVE-2025-10306 was published Oct 3, 2025

The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination... Low Unreviewed

CVE-2023-5775 was published Feb 26, 2024

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial... Low Unreviewed

CVE-2024-6434 was published Jul 4, 2024

The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to... Low Unreviewed

CVE-2023-6160 was published Nov 22, 2023

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode... Low Unreviewed

CVE-2024-1075 was published Feb 6, 2024

The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress... Low Unreviewed

CVE-2023-6164 was published Nov 22, 2023

Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission... Low Unreviewed

CVE-2026-28264 was published Apr 8, 2026

The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid... Low Unreviewed

CVE-2025-67806 was published Apr 1, 2026

pkgutil.get_data() did not validate the resource argument as documented, allowing path traversals. Low Unreviewed

CVE-2026-3479 was published Mar 18, 2026

An issue that could allow a user with access to a credential to view sensitive fields through an... Low Unreviewed

CVE-2026-5375 was published Apr 7, 2026

An issue that could expose task information outside of the authorized organization scope has been... Low Unreviewed

CVE-2026-5381 was published Apr 7, 2026

An issue that allowed MCP agents to access certificate information from outside of their... Low Unreviewed

CVE-2026-5379 was published Apr 7, 2026

An issue that could expose records outside of the authorized organization scope through the MCP... Low Unreviewed

CVE-2026-5382 was published Apr 7, 2026

In affected versions of Octopus Server it was possible for a low privileged user to manipulate an... Low Unreviewed

CVE-2026-3237 was published Mar 17, 2026

Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions,... Low Unreviewed

CVE-2026-35679 was published Apr 6, 2026

A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility,... Low Unreviewed

CVE-2026-3184 was published Apr 3, 2026

The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is... Low Unreviewed

CVE-2026-5115 was published Mar 31, 2026

Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow... Low Unreviewed

CVE-2026-4794 was published Mar 31, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

11,708 advisories