GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
447 advisories
Filter by severity
Authentication Bypass by Spoofing vulnerability in WP Swings Subscriptions for WooCommerce...
High
Unreviewed
CVE-2026-24372
was published
Mar 25, 2026
In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account...
Critical
Unreviewed
CVE-2025-59707
was published
Mar 25, 2026
In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables...
Critical
Unreviewed
CVE-2025-59706
was published
Mar 25, 2026
Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 149.
Moderate
Unreviewed
CVE-2026-4728
was published
Mar 24, 2026
WebCTRL systems that communicate over BACnet inherit the protocol's lack
of network layer...
High
Unreviewed
CVE-2026-32666
was published
Mar 21, 2026
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
Moderate
Unreviewed
CVE-2026-0385
was published
Mar 16, 2026
wpDiscuz before 7.6.47 contains a vote manipulation vulnerability that allows attackers to...
Moderate
Unreviewed
CVE-2026-22199
was published
Mar 13, 2026
An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the...
High
Unreviewed
CVE-2025-67298
was published
Mar 11, 2026
In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA...
Moderate
Unreviewed
CVE-2026-32229
was published
Mar 11, 2026
An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3,...
Moderate
Unreviewed
CVE-2025-48840
was published
Mar 10, 2026
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects...
Critical
Unreviewed
CVE-2026-2800
was published
Feb 24, 2026
When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider ...
High
Unreviewed
CVE-2024-1524
was published
Feb 24, 2026
Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to...
Critical
Unreviewed
CVE-2025-71056
was published
Feb 23, 2026
Authentication Bypass by Spoofing vulnerability in mdalabar WooODT Lite byconsole-woo-order...
High
Unreviewed
CVE-2025-69401
was published
Feb 20, 2026
Malicious scripts that interrupt new tab page loading could cause desynchronization between the...
Moderate
Unreviewed
CVE-2026-2032
was published
Feb 16, 2026
Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers...
Moderate
Unreviewed
CVE-2020-37056
was published
Jan 31, 2026
Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (TDDP module) allows...
Moderate
Unreviewed
CVE-2026-0834
was published
Jan 21, 2026
An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and...
Critical
Unreviewed
CVE-2026-22797
was published
Jan 19, 2026
A vulnerability was reported in ThinkPlus configuration software that could allow a local...
High
Unreviewed
CVE-2025-13455
was published
Jan 15, 2026
Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication...
Critical
Unreviewed
CVE-2025-11250
was published
Jan 13, 2026
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects...
Moderate
Unreviewed
CVE-2026-0890
was published
Jan 13, 2026
Authentication Bypass by Spoofing vulnerability in Apache NimBLE.
Receiving specially crafted...
High
Unreviewed
CVE-2025-62235
was published
Jan 10, 2026
Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL...
High
Unreviewed
CVE-2025-68644
was published
Dec 21, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Unreviewed
CVE-2025-65046
was published
Dec 19, 2025
An authentication bypass by spoofing vulnerability has been reported to affect several QNAP...
High
Unreviewed
CVE-2025-59385
was published
Dec 16, 2025
ProTip!
Advisories are also available from the
GraphQL API