GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,485 advisories
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the...
Moderate
Unreviewed
CVE-2026-5538 was published Apr 5, 2026
A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the...
Moderate
Unreviewed
CVE-2026-5530 was published Apr 5, 2026
prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal...
High
Unreviewed
CVE-2026-22664 was published Apr 3, 2026
prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability...
Moderate
Unreviewed
CVE-2026-22662 was published Apr 3, 2026
A security vulnerability has been detected in mixelpixx Google-Research-MCP...
Moderate
Unreviewed
CVE-2026-5470 was published Apr 3, 2026
Microsoft Bing Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2026-32186 was published Apr 3, 2026
A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the...
Moderate
Unreviewed
CVE-2026-5469 was published Apr 3, 2026
Server-side request forgery (SSRF) in Azure Databricks allows an unauthorized attacker to elevate...
Critical
Unreviewed
CVE-2026-33107 was published Apr 3, 2026
Server-side request forgery (SSRF) in Azure Custom Locations Resource Provider (RP) allows an...
Critical
Unreviewed
CVE-2026-26135 was published Apr 3, 2026
A vulnerability was determined in Dataease SQLbot up to 1.6.0. This issue affects the function...
Moderate
Unreviewed
CVE-2026-5417 was published Apr 2, 2026
A vulnerability was identified in appsmithorg appsmith up to 1.97. Impacted is the function...
Moderate
Unreviewed
CVE-2026-5418 was published Apr 2, 2026
A vulnerability was determined in huimeicloud hm_editor up to 2.2.3. Impacted is the function...
Moderate
Unreviewed
CVE-2026-5346 was published Apr 2, 2026
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
High
Unreviewed
CVE-2026-0686 was published Apr 2, 2026
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Moderate
Unreviewed
CVE-2026-0688 was published Apr 2, 2026
A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an...
Moderate
Unreviewed
CVE-2026-20041 was published Apr 1, 2026
Improper input validation in the gateway health check feature in Devolutions Server allows a low...
Moderate
Unreviewed
CVE-2026-4989 was published Apr 1, 2026
Blind server-side request forgery (SSRF) vulnerability in legacy connection methods of document...
Moderate
Unreviewed
CVE-2026-0932 was published Apr 1, 2026
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an...
Moderate
Unreviewed
CVE-2026-5259 was published Apr 1, 2026
A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the...
Moderate
Unreviewed
CVE-2026-5205 was published Mar 31, 2026
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal...
Moderate
Unreviewed
CVE-2026-34504 was published Mar 31, 2026
The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before...
Moderate
Unreviewed
CVE-2026-3881 was published Mar 31, 2026
Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in...
High
Unreviewed
CVE-2026-29925 was published Mar 30, 2026
A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the...
Moderate
Unreviewed
CVE-2026-5126 was published Mar 30, 2026
A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2...
High
Unreviewed
CVE-2026-0560 was published Mar 29, 2026
A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of...
Moderate
Unreviewed
CVE-2026-5016 was published Mar 29, 2026
ProTip! Advisories are also available from the GraphQL API.