Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
47
Go
3,295
Maven
5,000+
npm
5,000+
NuGet
876
pip
4,524
Pub
12
RubyGems
1,008
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140,990 advisories

Loading
The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2026-4766 was published Mar 25, 2026
Open Redirect vulnerability in Hitachi Ops Center Administrator.This issue affects Hitachi Ops... Moderate Unreviewed
CVE-2026-1166 was published Mar 25, 2026
A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown... Moderate Unreviewed
CVE-2026-4784 was published Mar 25, 2026
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted... Moderate Unreviewed
CVE-2026-4783 was published Mar 25, 2026
A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This... Moderate Unreviewed
CVE-2026-4777 was published Mar 25, 2026
A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This... Moderate Unreviewed
CVE-2026-4779 was published Mar 25, 2026
A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is... Moderate Unreviewed
CVE-2026-4781 was published Mar 25, 2026
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This... Moderate Unreviewed
CVE-2026-4778 was published Mar 25, 2026
A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an... Moderate Unreviewed
CVE-2026-4780 was published Mar 25, 2026
HCL Traveler is susceptible to a weak default HTTP header validation vulnerability, which could... Moderate Unreviewed
CVE-2026-21790 was published Mar 24, 2026
NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker... Moderate Unreviewed
CVE-2025-33216 was published Mar 24, 2026
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket,... Moderate Unreviewed
CVE-2026-4433 was published Mar 24, 2026
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to... Moderate Unreviewed
CVE-2025-33242 was published Mar 24, 2026
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious... Moderate Unreviewed
CVE-2025-33215 was published Mar 24, 2026
HCL Traveler is affected by sensitive information disclosure.  The application generates some... Moderate Unreviewed
CVE-2026-21783 was published Mar 24, 2026
An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate... Moderate Unreviewed
CVE-2026-23923 was published Mar 24, 2026
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters... Moderate Unreviewed
CVE-2026-23924 was published Mar 24, 2026
JiZhiCMS v2.5.6 and before contains a Stored Cross-Site Scripting (XSS) vulnerability in the... Moderate Unreviewed
CVE-2026-29840 was published Mar 24, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to... Moderate Unreviewed
CVE-2026-28755 was published Mar 24, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to... Moderate Unreviewed
CVE-2026-28753 was published Mar 24, 2026
SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows... Moderate Unreviewed
CVE-2026-30655 was published Mar 24, 2026
iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component,... Moderate Unreviewed
CVE-2026-30661 was published Mar 24, 2026
ConcreteCMS v9.4.7 contains a Denial of Service (DoS) vulnerability in the File Manager component... Moderate Unreviewed
CVE-2026-30662 was published Mar 24, 2026
Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash... Moderate Unreviewed
CVE-2019-25621 was published Mar 24, 2026
phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated... Moderate Unreviewed
CVE-2019-25632 was published Mar 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database