GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,436
Maven: 5,000+
npm: 5,000+
NuGet: 883
pip: 4,694
Pub: 13
RubyGems: 1,029
Rust: 1,212
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,416 advisories
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user...
High · Unreviewed · CVE-2025-59710 was published Apr 3, 2026
The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in...
High · Unreviewed · CVE-2026-4326 was published Apr 9, 2026
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of...
High · Unreviewed · CVE-2026-5830 was published Apr 9, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9,...
High · Unreviewed · CVE-2026-5173 was published Apr 9, 2026
A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function...
High · Unreviewed · CVE-2026-5815 was published Apr 9, 2026
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows...
High · Unreviewed · CVE-2026-40024 was published Apr 9, 2026
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK...
High · Unreviewed · CVE-2026-40029 was published Apr 9, 2026
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and...
High · Unreviewed · CVE-2026-40031 was published Apr 9, 2026
OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in...
High · Unreviewed · CVE-2026-40037 was published Apr 9, 2026
UAC (Unix-like Artifacts Collector) before 3.3.0-rc1 contains a command injection vulnerability...
High · Unreviewed · CVE-2026-40032 was published Apr 9, 2026
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal...
High · Unreviewed · CVE-2026-40027 was published Apr 9, 2026
parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path...
High · Unreviewed · CVE-2026-40030 was published Apr 9, 2026
Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed...
High · Unreviewed · CVE-2026-40036 was published Apr 9, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9,...
High · Unreviewed · CVE-2026-1092 was published Apr 9, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18...
High · Unreviewed · CVE-2025-12664 was published Apr 9, 2026
During chain building, the amount of work that is done is not correctly limited when a large...
High · Unreviewed · CVE-2026-32280 was published Apr 8, 2026
The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
High · Unreviewed · CVE-2025-13801 was published Jan 7, 2026
The Simple User Registration plugin for WordPress is vulnerable to privilege escalation in...
High · Unreviewed · CVE-2026-0844 was published Jan 28, 2026
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for...
High · Unreviewed · CVE-2025-15266 was published Jan 14, 2026
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable...
High · Unreviewed · CVE-2026-3231 was published Mar 11, 2026
The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
High · Unreviewed · CVE-2025-7359 was published Jul 16, 2025
The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory...
High · Unreviewed · CVE-2025-3300 was published Apr 24, 2025
The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High · Unreviewed · CVE-2025-0810 was published Apr 7, 2025
The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site...
High · Unreviewed · CVE-2025-0953 was published Feb 22, 2025
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege...
High · Unreviewed · CVE-2025-3607 was published Apr 24, 2025
ProTip! Advisories are also available from the GraphQL API.