GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,894
Maven: 5,000+
npm: 5,000+
NuGet: 963
pip: 5,000+
Pub: 13
RubyGems: 1,061
Rust: 1,373
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
303,299 advisories
There is an information disclosure vulnerability in ZTE MU5250. Due to improper configuration...
Moderate
Unreviewed
CVE-2026-44409
was published
May 22, 2026
The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate
Unreviewed
CVE-2026-7249
was published
May 22, 2026
The KIA Subtitle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2026-7509
was published
May 22, 2026
Mothra would respect a default value given by a website for HTML file upload forms. An attacker...
Moderate
Unreviewed
CVE-2026-9053
was published
May 22, 2026
The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2026-9018
was published
May 22, 2026
The Alfie – Feed Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2026-4070
was published
May 22, 2026
The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2026-6864
was published
May 22, 2026
The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter...
High
Unreviewed
CVE-2026-4834
was published
May 22, 2026
The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and...
Moderate
Unreviewed
CVE-2026-2518
was published
May 22, 2026
An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size...
Critical
Unreviewed
CVE-2026-9054
was published
May 22, 2026
The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2026-3481
was published
May 22, 2026
In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract...
High
Unreviewed
CVE-2026-41054
was published
May 20, 2026
Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing...
Unknown
Unreviewed
CVE-2026-5091
was published
May 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix NULL...
Moderate
Unreviewed
CVE-2026-23279
was published
Mar 25, 2026
A malicious actor with access to the network and low privileges could exploit a Path Traversal...
High
Unreviewed
CVE-2026-34911
was published
May 22, 2026
A malicious actor with access to the network could exploit a Path Traversal vulnerability found...
Critical
Unreviewed
CVE-2026-34909
was published
May 22, 2026
A malicious actor with access to the network and high privileges could exploit an Improper Input...
Critical
Unreviewed
CVE-2026-33000
was published
May 22, 2026
A malicious actor with access to the network could exploit an Improper Access Control...
Critical
Unreviewed
CVE-2026-34908
was published
May 22, 2026
A malicious actor with access to the network could exploit an Improper Input Validation...
Critical
Unreviewed
CVE-2026-34910
was published
May 22, 2026
A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows...
Unknown
Unreviewed
CVE-2026-9264
was published
May 22, 2026
The setcred(2) system call is only available to privileged users. However, before the privilege...
High
Unreviewed
CVE-2026-45250
was published
May 21, 2026
In the Linux kernel, the following vulnerability has been resolved:
wifi: libertas: fix use...
High
Unreviewed
CVE-2026-23281
was published
Mar 25, 2026
Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.
Secrets were generated...
High
Unreviewed
CVE-2026-46473
was published
May 21, 2026
In the Linux kernel, the following vulnerability has been resolved:
drbd: fix null-pointer...
Moderate
Unreviewed
CVE-2026-23285
was published
Mar 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
regulator: fp9931: Fix PM...
Moderate
Unreviewed
CVE-2026-23283
was published
Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API.