GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,250
Composer 5,336
Erlang 44
GitHub Actions 43
Go 3,181
Maven 6,302
npm 5,159
NuGet 863
pip 4,474
Pub 12
RubyGems 991
Rust 1,185
Swift 51

Unreviewed advisories

All unreviewed 293,692

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

293,692 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7... Moderate Unreviewed

CVE-2026-4289 was published Mar 17, 2026

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The... Moderate Unreviewed

CVE-2026-4287 was published Mar 17, 2026

A vulnerability was identified in taoofagi easegen-admin up to... Moderate Unreviewed

CVE-2026-4285 was published Mar 17, 2026

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities... Unknown Unreviewed

CVE-2026-4177 was published Mar 17, 2026

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The... Moderate Unreviewed

CVE-2026-4288 was published Mar 17, 2026

A vulnerability was determined in taoofagi easegen-admin up to... Moderate Unreviewed

CVE-2026-4284 was published Mar 17, 2026

When an Expat parser with a registered ElementDeclHandler parses an inline document type... Moderate Unreviewed

CVE-2026-4224 was published Mar 16, 2026

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from... Moderate Unreviewed

CVE-2025-61662 was published Nov 18, 2025

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names. Moderate Unreviewed

CVE-2026-21991 was published Mar 17, 2026

Cross Site scripting vulnerability (XSS) in NetBox 4.3.5 "comment" field on object forms. An... Moderate Unreviewed

CVE-2025-57543 was published Mar 16, 2026

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was... Moderate Unreviewed

CVE-2026-3644 was published Mar 16, 2026

A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2... High Unreviewed

CVE-2025-69784 was published Mar 16, 2026

Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. Attacker can... Moderate Unreviewed

CVE-2025-69238 was published Mar 16, 2026

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed

CVE-2025-61637 was published Feb 3, 2026

HCL AION is affected by a vulnerability where certain offering configurations may permit... Low Unreviewed

CVE-2025-52646 was published Mar 16, 2026

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper... Low Unreviewed

CVE-2025-52636 was published Mar 16, 2026

HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed... Moderate Unreviewed

CVE-2025-52643 was published Mar 16, 2026

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')... Moderate Unreviewed

CVE-2026-32398 was published Mar 13, 2026

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or... Moderate Unreviewed

CVE-2025-52644 was published Mar 16, 2026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2026-32462 was published Mar 13, 2026

SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain... High Unreviewed

CVE-2025-69768 was published Mar 16, 2026

Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing... Moderate Unreviewed

CVE-2025-69236 was published Mar 16, 2026

Raytha CMS is vulnerable to Stored XSS via FirstName and LastName parameters in profile editing... Moderate Unreviewed

CVE-2025-69241 was published Mar 16, 2026

Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An... Moderate Unreviewed

CVE-2025-69245 was published Mar 16, 2026

Raytha CMS allows an attacker to spoof `X-Forwarded-Host` or `Host` headers to attacker... High Unreviewed

CVE-2025-69240 was published Mar 16, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

293,692 advisories