GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,776
Composer 5,282
Erlang 41
GitHub Actions 41
Go 3,080
Maven 6,283
npm 4,980
NuGet 825
pip 4,417
Pub 12
RubyGems 988
Rust 1,162
Swift 50

Unreviewed advisories

All unreviewed 292,195

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292,195 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed... Unknown Unreviewed

CVE-2026-2418 was published Mar 5, 2026

The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2026-3072 was published Mar 5, 2026

EC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass... Moderate Unreviewed

CVE-2026-30777 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28107 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28119 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28112 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28128 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28129 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28118 was published Mar 5, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License... Unknown Unreviewed

CVE-2026-28114 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28117 was published Mar 5, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Unknown Unreviewed

CVE-2026-28115 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28126 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28122 was published Mar 5, 2026

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for... High Unreviewed

CVE-2026-29128 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28123 was published Mar 5, 2026

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal... Unknown Unreviewed

CVE-2026-28135 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28137 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28121 was published Mar 5, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetEngine... Unknown Unreviewed

CVE-2026-28134 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28127 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28109 was published Mar 5, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2026-28110 was published Mar 5, 2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Unknown Unreviewed

CVE-2026-28120 was published Mar 5, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection... Unknown Unreviewed

CVE-2026-28133 was published Mar 5, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

292,195 advisories