GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
544 advisories
Filter by severity
Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions.
Critical
Unreviewed
CVE-2026-49764
was published
Jun 15, 2026
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0...
High
Unreviewed
CVE-2026-42668
was published
Jun 15, 2026
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
High
Unreviewed
CVE-2026-42411
was published
Jun 15, 2026
Unauthenticated Broken Authentication in Simple Cloudflare Turnstile <= 1.38.0 versions.
Moderate
Unreviewed
CVE-2026-40799
was published
Jun 15, 2026
Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions.
High
Unreviewed
CVE-2026-40781
was published
Jun 15, 2026
Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions.
Moderate
Unreviewed
CVE-2026-42378
was published
Jun 15, 2026
Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions.
High
Unreviewed
CVE-2026-40785
was published
Jun 15, 2026
Subscriber Sensitive Data Exposure in WP SMS <= 7.2.1 versions.
Moderate
Unreviewed
CVE-2026-40790
was published
Jun 15, 2026
Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions.
High
Unreviewed
CVE-2026-39450
was published
Jun 15, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js...
High
Unreviewed
CVE-2026-49062
was published
Jun 15, 2026
Traefik has a StripPrefix Route-Level Auth Bypass via Path Normalization
High
CVE-2026-48020
was published
for
github.com/traefik/traefik/v2
(Go)
Jun 11, 2026
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and...
Critical
Unreviewed
CVE-2026-10523
was published
Jun 9, 2026
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
High
Unreviewed
CVE-2026-5415
was published
Jun 5, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP...
High
Unreviewed
CVE-2026-40780
was published
Jun 2, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System...
High
Unreviewed
CVE-2026-42654
was published
Jun 2, 2026
Nuxt's route middleware is not enforced when rendering `.server.vue` pages via `/__nuxt_island/page_*`
Moderate
CVE-2026-47200
was published
for
@nuxt/nitro-server
(npm)
May 29, 2026
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or...
Critical
Unreviewed
CVE-2025-41273
was published
May 29, 2026
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64...
High
Unreviewed
CVE-2026-8697
was published
May 28, 2026
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview...
Moderate
Unreviewed
CVE-2026-8990
was published
May 28, 2026
Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can...
Critical
Unreviewed
CVE-2026-35087
was published
May 27, 2026
In Slican telephone exchanges it is possible to manage the control panel remotely. An...
Critical
Unreviewed
CVE-2026-35090
was published
May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
High
Unreviewed
CVE-2026-42745
was published
May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and...
High
Unreviewed
CVE-2026-42760
was published
May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeisle Disable...
High
Unreviewed
CVE-2026-42749
was published
May 27, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
High
Unreviewed
CVE-2026-42735
was published
May 27, 2026
ProTip!
Advisories are also available from the
GraphQL API