GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 46
GitHub Actions: 48
Go: 3,361
Maven: 5,000+
npm: 5,000+
NuGet: 881
pip: 4,554
Pub: 12
RubyGems: 1,013
Rust: 1,205
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,673 advisories
Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow...
Low | Unreviewed | CVE-2026-4794 was published Mar 31, 2026
The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is...
Low | Unreviewed | CVE-2026-5115 was published Mar 31, 2026
An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the...
Low | Unreviewed | CVE-2026-21716 was published Mar 30, 2026
A flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()`...
Low | Unreviewed | CVE-2026-21715 was published Mar 30, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the...
Low | Unreviewed | CVE-2026-28528 was published Mar 30, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the...
Low | Unreviewed | CVE-2026-28526 was published Mar 30, 2026
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the...
Low | Unreviewed | CVE-2026-28527 was published Mar 30, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18...
Low | Unreviewed | CVE-2025-13611 was published Nov 26, 2025
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function...
Low | Unreviewed | CVE-2026-5107 was published Mar 30, 2026
Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded...
Low | Unreviewed | CVE-2025-7741 was published Mar 30, 2026
A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts an unknown...
Low | Unreviewed | CVE-2026-4993 was published Mar 28, 2026
A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer...
Low | Unreviewed | CVE-2026-4958 was published Mar 27, 2026
If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP...
Low | Unreviewed | CVE-2026-27860 was published Mar 27, 2026
A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can...
Low | Unreviewed | CVE-2026-0968 was published Mar 26, 2026
A flaw was found in libssh. A remote attacker, by controlling client configuration files or...
Low | Unreviewed | CVE-2026-0967 was published Mar 26, 2026
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string...
Low | Unreviewed | CVE-2026-2239 was published Mar 26, 2026
A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an...
Low | Unreviewed | CVE-2026-2271 was published Mar 26, 2026
A flaw was found in libssh where it can attempt to open arbitrary files during configuration...
Low | Unreviewed | CVE-2026-0965 was published Mar 26, 2026
An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that...
Low | Unreviewed | CVE-2026-3229 was published Mar 19, 2026
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in...
Low | Unreviewed | CVE-2026-3230 was published Mar 19, 2026
Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL...
Low | Unreviewed | CVE-2026-4395 was published Mar 19, 2026
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which...
Low | Unreviewed | CVE-2026-3109 was published Mar 26, 2026
HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a...
Low | Unreviewed | CVE-2025-55276 was published Mar 26, 2026
HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which...
Low | Unreviewed | CVE-2025-55277 was published Mar 26, 2026
HCL Aftermarket DPC is affected by Admin Session Concurrency vulnerability using which an...
Low | Unreviewed | CVE-2025-55275 was published Mar 26, 2026
ProTip! Advisories are also available from the GraphQL API.