GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293,685 advisories
Cross Site scripting vulnerability (XSS) in NetBox 4.3.5 "comment" field on object forms. An...
Moderate | Unreviewed | CVE-2025-57543 was published Mar 16, 2026

Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. Attacker can...
Moderate | Unreviewed | CVE-2025-69238 was published Mar 16, 2026

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was...
Moderate | Unreviewed | CVE-2026-3644 was published Mar 16, 2026

A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2...
High | Unreviewed | CVE-2025-69784 was published Mar 16, 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-61637 was published Feb 3, 2026

HCL AION is affected by a vulnerability where certain offering configurations may permit...
Low | Unreviewed | CVE-2025-52646 was published Mar 16, 2026

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper...
Low | Unreviewed | CVE-2025-52636 was published Mar 16, 2026

Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An...
Moderate | Unreviewed | CVE-2025-69245 was published Mar 16, 2026

Raytha CMS is vulnerable to Server-Side Request Forgery in the “Themes - Import from URL” feature...
Moderate | Unreviewed | CVE-2025-69239 was published Mar 16, 2026

HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed...
Moderate | Unreviewed | CVE-2025-52643 was published Mar 16, 2026

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')...
Moderate | Unreviewed | CVE-2026-32398 was published Mar 13, 2026

Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing...
Moderate | Unreviewed | CVE-2025-69236 was published Mar 16, 2026

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or...
Moderate | Unreviewed | CVE-2025-52644 was published Mar 16, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2026-32462 was published Mar 13, 2026

Raytha CMS allows an attacker to spoof `X-Forwarded-Host` or `Host` headers to attacker...
High | Unreviewed | CVE-2025-69240 was published Mar 16, 2026

Raytha CMS is vulnerable to Stored XSS via FirstName and LastName parameters in profile editing...
Moderate | Unreviewed | CVE-2025-69241 was published Mar 16, 2026

SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain...
High | Unreviewed | CVE-2025-69768 was published Mar 16, 2026

Raytha CMS is vulnerable to Stored XSS via FieldValues[0].Value parameter in page creation...
Moderate | Unreviewed | CVE-2025-69237 was published Mar 16, 2026

Raytha CMS does not have any brute force protection mechanism implemented. It allows an attacker...
Moderate | Unreviewed | CVE-2025-69246 was published Mar 16, 2026

Raytha CMS is vulnerable to User Enumeration in password reset functionality. Difference in...
Moderate | Unreviewed | CVE-2025-69243 was published Mar 16, 2026

Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file...
Moderate | Unreviewed | CVE-2026-29516 was published Mar 16, 2026

An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8....
Moderate | Unreviewed | CVE-2025-69727 was published Mar 16, 2026

Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle...
Moderate | Unreviewed | CVE-2026-2454 was published Mar 16, 2026

The `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is...
Unknown | Unreviewed | CVE-2025-50881 was published Mar 16, 2026

Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached permalink preview data when a...
Moderate | Unreviewed | CVE-2026-1629 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.