GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,407
Composer 5,538
Erlang 49
GitHub Actions 49
Go 3,405
Maven 6,358
npm 5,578
NuGet 882
pip 4,641
Pub 13
RubyGems 1,026
Rust 1,209
Swift 53

Unreviewed advisories

All unreviewed 296,423

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,217 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Moderate Unreviewed

CVE-2026-3309 was published Apr 4, 2026

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection... Critical Unreviewed

CVE-2026-29014 was published Apr 1, 2026

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS... High Unreviewed

CVE-2025-24243 was published Apr 1, 2025

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... High Unreviewed

CVE-2024-27857 was published Jun 10, 2024

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows.... Moderate Unreviewed

CVE-2024-27793 was published May 14, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS... High Unreviewed

CVE-2024-23278 was published Mar 8, 2024

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3,... High Unreviewed

CVE-2024-23208 was published Jan 23, 2024

The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file,... High Unreviewed

CVE-2026-1540 was published Apr 2, 2026

DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability... Critical Unreviewed

CVE-2026-30313 was published Mar 30, 2026

In its design for automatic terminal command execution, HAI Build Code Generator offers two... Critical Unreviewed

CVE-2026-30308 was published Mar 30, 2026

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup... Critical Unreviewed

CVE-2026-30643 was published Apr 1, 2026

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character... Critical Unreviewed

CVE-2024-40489 was published Apr 1, 2026

Syntx's command auto-approval module contains a critical OS command injection vulnerability that... Critical Unreviewed

CVE-2026-30305 was published Mar 30, 2026

In its design for automatic terminal command execution, SakaDev offers two options: Execute safe... Critical Unreviewed

CVE-2026-30306 was published Mar 30, 2026

Roo Code's command auto-approval module contains a critical OS command injection vulnerability... Critical Unreviewed

CVE-2026-30307 was published Mar 30, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed

CVE-2024-56051 was published Dec 18, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed

CVE-2024-52434 was published Nov 18, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove... Critical Unreviewed

CVE-2024-52393 was published Nov 14, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed

CVE-2024-52427 was published Nov 18, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console... Critical Unreviewed

CVE-2024-50498 was published Oct 28, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson... High Unreviewed

CVE-2024-50492 was published Oct 28, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress... High Unreviewed

CVE-2024-50450 was published Oct 28, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code... Critical Unreviewed

CVE-2024-49254 was published Oct 16, 2024

: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in... Critical Unreviewed

CVE-2024-49271 was published Oct 16, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy... Critical Unreviewed

CVE-2024-32599 was published Apr 18, 2024

Previous1…169 Next

Previous 1 2 3 4 5 … 168 169 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,217 advisories