Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,894
Maven
5,000+
npm
5,000+
NuGet
963
pip
5,000+
Pub
13
RubyGems
1,061
Rust
1,373
Swift
54
Unreviewed advisories
All unreviewed
5,000+

42,415 advisories

Loading
The KIA Subtitle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2026-7509 was published May 22, 2026
The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2026-6864 was published May 22, 2026
The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-3481 was published May 22, 2026
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because... Low Unreviewed
CVE-2026-8139 was published May 22, 2026
Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template... Moderate Unreviewed
CVE-2026-22678 was published May 22, 2026
In the Drupal 7 Term Reference Tree module, two stored XSS vectors exist in the widget/formatter... Moderate Unreviewed
CVE-2026-4093 was published May 22, 2026
Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not... High Unreviewed
CVE-2026-8203 was published May 21, 2026
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth... High Unreviewed
CVE-2026-8197 was published May 21, 2026
Umbraco.Cms: XSS/HTML Injection in Umbraco Backoffice confirmation dialog Moderate
CVE-2026-46609 was published for Umbraco.Cms (NuGet) May 21, 2026
kaushikmbabu Credited to kaushikmbabu
NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL Moderate
CVE-2026-46547 was published for nocodb (npm) May 21, 2026
naoyashiga Credited to naoyashiga
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics214... Moderate Unreviewed
CVE-2026-48224 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48223 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48217 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48226 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48227 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48216 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48221 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202... Moderate Unreviewed
CVE-2026-48219 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48229 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205... Moderate Unreviewed
CVE-2026-48220 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in landb... Moderate Unreviewed
CVE-2026-48225 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons... Moderate Unreviewed
CVE-2026-48218 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48228 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213... Moderate Unreviewed
CVE-2026-48222 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in... Moderate Unreviewed
CVE-2026-48230 was published May 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database