GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 41
GitHub Actions: 41
Go: 3,066
Maven: 5,000+
npm: 4,947
NuGet: 825
pip: 4,403
Pub: 12
RubyGems: 988
Rust: 1,151
Swift: 50
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
291,758 advisories
In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch...
Moderate
Unreviewed
CVE-2026-3242
was published
Mar 4, 2026
The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2026-2292
was published
Mar 4, 2026
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin...
Moderate
Unreviewed
CVE-2026-2289
was published
Mar 4, 2026
Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam...
Low
Unreviewed
CVE-2026-2994
was published
Mar 4, 2026
Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object...
High
Unreviewed
CVE-2026-3452
was published
Mar 4, 2026
The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
High
Unreviewed
CVE-2026-1945
was published
Mar 4, 2026
The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing...
Moderate
Unreviewed
CVE-2026-1980
was published
Mar 4, 2026
In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in...
Moderate
Unreviewed
CVE-2026-3244
was published
Mar 4, 2026
In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in...
Moderate
Unreviewed
CVE-2026-3241
was published
Mar 4, 2026
In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy...
Moderate
Unreviewed
CVE-2026-3240
was published
Mar 4, 2026
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via...
Moderate
Unreviewed
CVE-2026-1651
was published
Mar 4, 2026
The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is...
High
Unreviewed
CVE-2026-1273
was published
Mar 4, 2026
Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an...
Unknown
Unreviewed
CVE-2026-3130
was published
Mar 4, 2026
Improper enforcement of the Disable password saving in vaults setting in the connection entry...
Unknown
Unreviewed
CVE-2026-2590
was published
Mar 4, 2026
A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some...
Moderate
Unreviewed
CVE-2026-3487
was published
Mar 4, 2026
Authentication bypass in the Microsoft Entra ID (Azure AD) authentication mode in Devolutions...
Unknown
Unreviewed
CVE-2026-3224
was published
Mar 4, 2026
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The...
High
Unreviewed
CVE-2026-3266
was published
Mar 4, 2026
Improper input validation in the error message page in Devolutions Server 2025.3.15 and earlier...
Unknown
Unreviewed
CVE-2026-3204
was published
Mar 4, 2026
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables...
High
Unreviewed
CVE-2026-1775
was published
Mar 4, 2026
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform...
Unknown
Unreviewed
CVE-2025-70240
was published
Mar 3, 2026
Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search...
High
Unreviewed
CVE-2026-24502
was published
Mar 3, 2026
A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the...
High
Unreviewed
CVE-2026-3485
was published
Mar 3, 2026
A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability...
Moderate
Unreviewed
CVE-2026-3486
was published
Mar 3, 2026
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity (XXE)...
High
Unreviewed
CVE-2026-1567
was published
Mar 3, 2026
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access (...
High
Unreviewed
CVE-2026-25906
was published
Mar 3, 2026
ProTip! Advisories are also available from the GraphQL API.