GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,868
Composer 5,288
Erlang 41
GitHub Actions 42
Go 3,114
Maven 6,288
npm 5,007
NuGet 826
pip 4,428
Pub 12
RubyGems 988
Rust 1,171
Swift 50

Unreviewed advisories

All unreviewed 292,409

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

151,603 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt:... Moderate Unreviewed

CVE-2026-3664 was published Mar 7, 2026

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function... Moderate Unreviewed

CVE-2026-3663 was published Mar 7, 2026

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function ota_new_upgrade of... Moderate Unreviewed

CVE-2026-3661 was published Mar 7, 2026

A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the... Moderate Unreviewed

CVE-2026-3662 was published Mar 7, 2026

The LotekMedia Popup Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-2420 was published Mar 7, 2026

The Infomaniak Connect for OpenID plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-1824 was published Mar 7, 2026

The Show YouTube video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1825 was published Mar 7, 2026

The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1823 was published Mar 7, 2026

The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress... Moderate Unreviewed

CVE-2026-2433 was published Mar 7, 2026

The Media Library Alt Text Editor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-1820 was published Mar 7, 2026

The Carta Online plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2026-1071 was published Mar 7, 2026

The Guardian News Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2026-1087 was published Mar 7, 2026

The DA Media GigList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1805 was published Mar 7, 2026

The Wueen plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2026-1569 was published Mar 7, 2026

The MyQtip – easy qTip2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-1574 was published Mar 7, 2026

The Font Pairing Preview For Landing Pages plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2026-1086 was published Mar 7, 2026

The Purchase Button For Affiliate Link plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2026-1073 was published Mar 7, 2026

The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2026-1085 was published Mar 7, 2026

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-2494 was published Mar 7, 2026

The MDJM Event Management plugin for WordPress is vulnerable to unauthorized data modification... Moderate Unreviewed

CVE-2026-1650 was published Mar 7, 2026

The MailArchiver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2026-2721 was published Mar 7, 2026

The CM Custom Reports plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-2431 was published Mar 7, 2026

The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2026-2722 was published Mar 7, 2026

The Hammas Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-1902 was published Mar 7, 2026

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce_venue_name'... Moderate Unreviewed

CVE-2026-2429 was published Mar 7, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

151,603 advisories