Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

262 advisories

Loading
Exposure of sensitive information in the users MFA feature in Devolutions Server allows users... Moderate Unreviewed
CVE-2026-4927 was published Apr 1, 2026
openssl-encrypt's readiness endpoint leaks database error details to unauthenticated callers Moderate
GHSA-2vhw-q7vh-7xv2 was published for openssl-encrypt (pip) Apr 1, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Inkthemescom Black Rider... Moderate Unreviewed
CVE-2025-59003 was published Dec 31, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows... High Unreviewed
CVE-2025-47444 was published Aug 12, 2025
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could... High Unreviewed
CVE-2026-20151 was published Apr 1, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in VideoWhisper.Com Contact Forms... High Unreviewed
CVE-2024-49235 was published Oct 17, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File... Moderate Unreviewed
CVE-2024-43230 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by... Moderate Unreviewed
CVE-2024-43264 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order... Moderate Unreviewed
CVE-2024-43259 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This... Moderate Unreviewed
CVE-2024-43283 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in RadiusTheme... Moderate Unreviewed
CVE-2024-34812 was published May 14, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in UkrSolution Barcode... Moderate Unreviewed
CVE-2024-34556 was published May 14, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HasThemes HT Mega... Moderate Unreviewed
CVE-2024-32782 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Very Good Plugins WP Fusion... Moderate Unreviewed
CVE-2024-32796 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static... High Unreviewed
CVE-2024-32825 was published Apr 24, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Tainacan.Org Tainacan... Moderate Unreviewed
CVE-2024-1435 was published Feb 29, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and... High Unreviewed
CVE-2024-38787 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons... Moderate Unreviewed
CVE-2024-31278 was published Apr 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in InstaWP Team InstaWP... High Unreviewed
CVE-2024-23506 was published Jan 27, 2024
Happy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookies High
CVE-2026-34226 was published for happy-dom (npm) Mar 29, 2026
r74tech Credited to r74tech
Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi Contact Form by... Moderate Unreviewed
CVE-2026-25339 was published Mar 25, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp... High Unreviewed
CVE-2026-32538 was published Mar 25, 2026
lz4_flex's decompression can leak information from uninitialized memory or reused output buffer High
CVE-2026-32829 was published for lz4_flex (Rust) Mar 16, 2026
Marcono1234 Credited to Marcono1234
Liferay Portal and Liferay DXP vulnerable to theft of hashed password Moderate
CVE-2024-26270 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024
A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to... Moderate Unreviewed
CVE-2026-1539 was published Jan 28, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database