Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+

5,026 advisories

Loading
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3358 was published Apr 11, 2026
Ech0's Missing Authorization on System Logs Allows Non-Admin Information Disclosure Moderate
GHSA-w8jj-cwmc-wgq2 was published for github.com/lin-snow/ech0 (Go) Apr 10, 2026
offset Credited to offset
Ech0 Comment Panel Endpoints Missing RequireScopes Middleware — Scoped Access Token Bypass Moderate
GHSA-fwg7-53p4-g33c was published for github.com/lin-snow/ech0 (Go) Apr 10, 2026
offset Credited to offset
Ech0: Missing authorization on dashboard log endpoints allows low-privilege users to access sensitive system logs Moderate
GHSA-cp79-9mwr-wr49 was published for github.com/lin-snow/ech0 (Go) Apr 10, 2026
threalwinky Credited to threalwinky
PraisonAIAgents: Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate Moderate
CVE-2026-40117 was published for praisonaiagents (pip) Apr 10, 2026
offset Credited to offset
Vikunja Missing Authorization on CalDAV Task Read Moderate
CVE-2026-35598 was published for code.vikunja.io/api (Go) Apr 10, 2026
adrgs Credited to adrgs and aisafe-bot aisafe-bot aisafe-bot
The Download Manager plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2026-4057 was published Apr 10, 2026
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin... Moderate Unreviewed
CVE-2026-4977 was published Apr 10, 2026
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS... Moderate Unreviewed
CVE-2026-33776 was published Apr 10, 2026
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows... Moderate Unreviewed
CVE-2026-33785 was published Apr 10, 2026
The Ziggeo plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and... Moderate Unreviewed
CVE-2026-4124 was published Apr 9, 2026
GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9... Moderate Unreviewed
CVE-2025-9484 was published Apr 9, 2026
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed
CVE-2026-0814 was published Apr 8, 2026
The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a... Moderate Unreviewed
CVE-2024-5863 was published Apr 8, 2026
The Easy Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed
CVE-2024-5864 was published Apr 8, 2026
The Bard Extra plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-10532 was published Apr 8, 2026
Missing Authorization vulnerability in CKThemes Flipmart flipmart allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-39716 was published Apr 8, 2026
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting... Moderate Unreviewed
CVE-2026-39714 was published Apr 8, 2026
Missing Authorization vulnerability in Paul Bearne Author Avatars List/Block author-avatars... Moderate Unreviewed
CVE-2026-39690 was published Apr 8, 2026
Missing Authorization vulnerability in Arjan Pronk linkPizza-Manager linkpizza-manager allows... Moderate Unreviewed
CVE-2026-39682 was published Apr 8, 2026
Missing Authorization vulnerability in Shahjada Download Manager download-manager allows... Moderate Unreviewed
CVE-2026-39676 was published Apr 8, 2026
Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting... Moderate Unreviewed
CVE-2026-39706 was published Apr 8, 2026
Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie... Moderate Unreviewed
CVE-2026-39680 was published Apr 8, 2026
Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule... Moderate Unreviewed
CVE-2026-39694 was published Apr 8, 2026
Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing... Moderate Unreviewed
CVE-2026-39704 was published Apr 8, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database