GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
17,071 advisories
The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter...
High | Unreviewed | CVE-2026-4834 was published May 22, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php...
High | Unreviewed | CVE-2026-48238 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the...
High | Unreviewed | CVE-2026-48237 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the...
High | Unreviewed | CVE-2026-48236 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where...
High | Unreviewed | CVE-2026-48239 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php...
High | Unreviewed | CVE-2026-48235 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php...
High | Unreviewed | CVE-2026-48240 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/fullsit_incidents...
High | Unreviewed | CVE-2026-48232 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php...
High | Unreviewed | CVE-2026-48233 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax...
High | Unreviewed | CVE-2026-48234 was published May 21, 2026
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the...
High | Unreviewed | CVE-2026-48231 was published May 21, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2026-39531 was published May 21, 2026
An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a...
High | Unreviewed | CVE-2026-44047 was published May 21, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Moderate | Unreviewed | CVE-2026-9082 was published May 20, 2026
SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.
Moderate | Unreviewed | CVE-2026-44923 was published May 20, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2026-42383 was published May 20, 2026
SureCart versions prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple...
Critical | Unreviewed | CVE-2026-9065 was published May 20, 2026
NextGEN Gallery versions prior to 4.2.1 are vulnerable to authenticated SQL injection via the ...
Critical | Unreviewed | CVE-2026-9059 was published May 20, 2026
E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing...
High | Unreviewed | CVE-2026-9003 was published May 20, 2026
The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url'...
High | Unreviewed | CVE-2026-9010 was published May 20, 2026
The Read More & Accordion plugin for WordPress is vulnerable to time-based blind SQL Injection...
Moderate | Unreviewed | CVE-2026-7472 was published May 20, 2026
The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and ...
Moderate | Unreviewed | CVE-2026-8685 was published May 20, 2026
The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is...
High | Unreviewed | CVE-2026-3985 was published May 20, 2026
BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the...
High | Unreviewed | CVE-2026-31069 was published May 19, 2026
The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input'...
High | Unreviewed | CVE-2026-8912 was published May 19, 2026
ProTip! Advisories are also available from the GraphQL API.