GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 47; GitHub Actions 48; Go 3,378; Maven 5,000+; npm 5,000+; NuGet 881; pip 4,573; Pub 13; RubyGems 1,013; Rust 1,205; Swift 51
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
141,569 advisories
The application does not detect or guard against cyclic PDF object references while handling...
Moderate | Unreviewed | CVE-2026-3778 was published Apr 1, 2026

XenForo before 2.3.9 and before 2.2.18 is vulnerable to cross-site scripting (XSS) related to...
Moderate | Unreviewed | CVE-2026-35055 was published Apr 1, 2026

XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS) related to BB code...
Moderate | Unreviewed | CVE-2026-35054 was published Apr 1, 2026

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2026-3831 was published Apr 1, 2026

The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to...
Moderate | Unreviewed | CVE-2026-3774 was published Apr 1, 2026

The application does not properly validate the lifetime and validity of internal view cache...
Moderate | Unreviewed | CVE-2026-3777 was published Apr 1, 2026

A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the...
Moderate | Unreviewed | CVE-2026-5251 was published Apr 1, 2026

A vulnerability was found in gougucms 4.08.18. This impacts an unknown function of the file ...
Moderate | Unreviewed | CVE-2026-5249 was published Apr 1, 2026

Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread...
Moderate | Unreviewed | CVE-2026-2394 was published Apr 1, 2026

XenForo before 2.3.7 allows information disclosure via local account page caching on shared...
Moderate | Unreviewed | CVE-2025-71280 was published Apr 1, 2026

The application does not validate the presence of required appearance (AP) data before accessing...
Moderate | Unreviewed | CVE-2026-3776 was published Apr 1, 2026

A vulnerability has been found in gougucms 4.08.18. This affects the function reg_submit of the...
Moderate | Unreviewed | CVE-2026-5248 was published Apr 1, 2026

XenForo before 2.3.10 and before 2.2.19 is vulnerable to stored cross-site scripting (XSS) in...
Moderate | Unreviewed | CVE-2026-35057 was published Apr 1, 2026

XenForo before 2.2.17 and 2.3.1 allows open redirect via a specially crafted URL. The...
Moderate | Unreviewed | CVE-2024-58342 was published Apr 1, 2026

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2026-2480 was published Apr 1, 2026

A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This...
Moderate | Unreviewed | CVE-2026-5240 was published Apr 1, 2026

A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this...
Moderate | Unreviewed | CVE-2026-5238 was published Apr 1, 2026

A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by...
Moderate | Unreviewed | CVE-2026-5237 was published Apr 1, 2026

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function...
Moderate | Unreviewed | CVE-2026-5236 was published Apr 1, 2026

The Booking for Appointments and Events Calendar - Amelia plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2026-4668 was published Apr 1, 2026

A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS...
Moderate | Unreviewed | CVE-2026-5215 was published Apr 1, 2026

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function...
Moderate | Unreviewed | CVE-2026-5235 was published Apr 1, 2026

A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The...
Moderate | Unreviewed | CVE-2026-30520 was published Mar 31, 2026

Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14...
Moderate | Unreviewed | CVE-2026-30587 was published Mar 25, 2026

A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an...
Moderate | Unreviewed | CVE-2026-5210 was published Mar 31, 2026
ProTip! Advisories are also available from the GraphQL API.