GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293,692 advisories
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7...
Moderate
Unreviewed
CVE-2026-4289
was published
Mar 17, 2026
A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The...
Moderate
Unreviewed
CVE-2026-4287
was published
Mar 17, 2026
A vulnerability was identified in taoofagi easegen-admin up to...
Moderate
Unreviewed
CVE-2026-4285
was published
Mar 17, 2026
YAML::Syck versions through 1.36 for Perl have several potential security vulnerabilities...
Unknown
Unreviewed
CVE-2026-4177
was published
Mar 17, 2026
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The...
Moderate
Unreviewed
CVE-2026-4288
was published
Mar 17, 2026
A vulnerability was determined in taoofagi easegen-admin up to...
Moderate
Unreviewed
CVE-2026-4284
was published
Mar 17, 2026
When an Expat parser with a registered ElementDeclHandler parses an inline document type...
Moderate
Unreviewed
CVE-2026-4224
was published
Mar 16, 2026
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from...
Moderate
Unreviewed
CVE-2025-61662
was published
Nov 18, 2025
A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.
Moderate
Unreviewed
CVE-2026-21991
was published
Mar 17, 2026
Cross-site scripting (XSS) vulnerability in NetBox 4.3.5 "comment" field on object forms. An...
Moderate
Unreviewed
CVE-2025-57543
was published
Mar 16, 2026
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was...
Moderate
Unreviewed
CVE-2026-3644
was published
Mar 16, 2026
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2...
High
Unreviewed
CVE-2025-69784
was published
Mar 16, 2026
Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. Attacker can...
Moderate
Unreviewed
CVE-2025-69238
was published
Mar 16, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2025-61637
was published
Feb 3, 2026
HCL AION is affected by a vulnerability where certain offering configurations may permit...
Low
Unreviewed
CVE-2025-52646
was published
Mar 16, 2026
HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper...
Low
Unreviewed
CVE-2025-52636
was published
Mar 16, 2026
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed...
Moderate
Unreviewed
CVE-2025-52643
was published
Mar 16, 2026
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')...
Moderate
Unreviewed
CVE-2026-32398
was published
Mar 13, 2026
HCL AION is affected by a vulnerability where certain user actions are not adequately audited or...
Moderate
Unreviewed
CVE-2025-52644
was published
Mar 16, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2026-32462
was published
Mar 13, 2026
SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain...
High
Unreviewed
CVE-2025-69768
was published
Mar 16, 2026
Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing...
Moderate
Unreviewed
CVE-2025-69236
was published
Mar 16, 2026
Raytha CMS is vulnerable to Stored XSS via FirstName and LastName parameters in profile editing...
Moderate
Unreviewed
CVE-2025-69241
was published
Mar 16, 2026
Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An...
Moderate
Unreviewed
CVE-2025-69245
was published
Mar 16, 2026
Raytha CMS allows an attacker to spoof `X-Forwarded-Host` or `Host` headers to attacker...
High
Unreviewed
CVE-2025-69240
was published
Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.