GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,894
Maven: 5,000+
npm: 5,000+
NuGet: 963
pip: 5,000+
Pub: 13
RubyGems: 1,061
Rust: 1,373
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,186 advisories
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8410 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8412 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8413 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8416 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8434 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8409 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8433 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8435 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8432 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8427 was published May 22, 2026
In Concrete CMS 9.5.0 and below, the RSS Displayer block accepts a feed URL from any page editor...
Low | Unreviewed | CVE-2026-7890 was published May 22, 2026
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because...
Low | Unreviewed | CVE-2026-8139 was published May 22, 2026
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A...
Low | Unreviewed | CVE-2026-7887 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8414 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8415 was published May 22, 2026
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete...
Low | Unreviewed | CVE-2026-8411 was published May 22, 2026
Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF...
Low | Unreviewed | CVE-2026-7882 was published May 22, 2026
Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[]...
Low | Unreviewed | CVE-2026-7886 was published May 22, 2026
A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a...
Low | Unreviewed | CVE-2026-44075 was published May 21, 2026
An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2...
Low | Unreviewed | CVE-2026-44070 was published May 21, 2026
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in...
Low | Unreviewed | CVE-2026-44074 was published May 21, 2026
An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper...
Low | Unreviewed | CVE-2026-7836 was published May 21, 2026
A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated...
Low | Unreviewed | CVE-2026-7835 was published May 21, 2026
A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through...
Low | Unreviewed | CVE-2026-7837 was published May 21, 2026
Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the...
Low | Unreviewed | CVE-2026-44072 was published May 21, 2026
ProTip! Advisories are also available from the GraphQL API.