GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,931
Maven: 5,000+
npm: 5,000+
NuGet: 969
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,382
Swift: 56
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,327 advisories
Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote...
High | Unreviewed | CVE-2026-9976 was published May 29, 2026
Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote...
High | Unreviewed | CVE-2026-9938 was published May 29, 2026
Insufficient character filtering in backup agent signing module on Comet Backup server allows...
Critical | Unreviewed | CVE-2026-32999 was published May 28, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37712 was published May 27, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37711 was published May 27, 2026
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote...
High | Unreviewed | CVE-2026-37713 was published May 27, 2026
The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions...
High | Unreviewed | CVE-2026-6169 was published May 27, 2026
The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin...
High | Unreviewed | CVE-2026-8832 was published May 27, 2026
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in...
High | Unreviewed | CVE-2026-8855 was published May 26, 2026
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM...
Critical | Unreviewed | CVE-2026-8633 was published May 26, 2026
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM...
High | Unreviewed | CVE-2026-9170 was published May 26, 2026
OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated...
High | Unreviewed | CVE-2026-42785 was published May 26, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com...
High | Unreviewed | CVE-2026-24937 was published May 26, 2026
Dolibarr ERP CRM 7.0.3 contains a remote code evaluation vulnerability that allows...
Critical | Unreviewed | CVE-2018-25357 was published May 26, 2026
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Moderate | Unreviewed | CVE-2026-42396 was published May 21, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client...
Critical | Unreviewed | CVE-2026-22314 was published May 20, 2026
scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the...
Critical | Unreviewed | CVE-2026-30117 was published May 19, 2026
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via...
High | Unreviewed | CVE-2025-51427 was published May 19, 2026
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's...
Critical | Unreviewed | CVE-2026-2586 was published May 19, 2026
Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives...
High | Unreviewed | CVE-2026-46586 was published May 19, 2026
Improper Control of Generation of Code ('Code Injection') vulnerability in email services of...
Moderate | Unreviewed | CVE-2026-35086 was published May 19, 2026
A vulnerability in Command-Line Client in P4 Server prior to the 2025.2 Patch 2, identified as...
High | Unreviewed | CVE-2026-6902 was published May 18, 2026
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability...
Critical | Unreviewed | CVE-2018-25320 was published May 17, 2026
python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to...
Critical | Unreviewed | CVE-2021-47952 was published May 16, 2026
ORSEE (Online Recruitment System for Economic Experiments) 3.1.0 contains an authenticated Remote...
Moderate | Unreviewed | CVE-2025-67031 was published May 15, 2026
ProTip! Advisories are also available from the GraphQL API