GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,273
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,489
Swift
61
Unreviewed advisories
All unreviewed
5,000+
954 advisories
Filter by severity
A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown...
Low
Unreviewed
CVE-2026-12823
was published
Jun 22, 2026
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may...
Moderate
Unreviewed
CVE-2026-12164
was published
Jun 24, 2026
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
High
Unreviewed
CVE-2026-56010
was published
Jun 26, 2026
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
High
Unreviewed
CVE-2026-56008
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website...
Critical
Unreviewed
CVE-2026-56028
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
Critical
Unreviewed
CVE-2026-56030
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
Critical
Unreviewed
CVE-2026-56033
was published
Jun 26, 2026
A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function...
Low
Unreviewed
CVE-2026-13511
was published
Jun 29, 2026
A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This...
Low
Unreviewed
CVE-2026-13524
was published
Jun 29, 2026
A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown...
Low
Unreviewed
CVE-2026-13544
was published
Jun 29, 2026
Because O+ Connect's IPC service does not authenticate clients, external applications can...
High
Unreviewed
CVE-2026-22078
was published
Jun 29, 2026
A weakness has been identified in SourceCodester Inventory Management System 1.0. This...
Moderate
Unreviewed
CVE-2026-13568
was published
Jun 29, 2026
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function...
Low
Unreviewed
CVE-2026-13591
was published
Jun 29, 2026
A flaw was found in Keycloak. A highly privileged user with `manage-clients` permission can...
Moderate
Unreviewed
CVE-2026-4629
was published
Jun 30, 2026
A flaw was found in the Identity Provider (IdP) mapper component of Keycloak, which is used to...
Moderate
Unreviewed
CVE-2026-12388
was published
Jun 30, 2026
Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without...
High
Unreviewed
CVE-2026-56247
was published
Jul 1, 2026
MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile...
High
Unreviewed
CVE-2026-53902
was published
Jul 1, 2026
A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role...
High
Unreviewed
CVE-2026-5136
was published
Jul 1, 2026
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation....
Critical
Unreviewed
CVE-2026-57692
was published
Jul 1, 2026
Keycloak has privilege escalation via improper scope mapping enforcement
High
CVE-2026-9795
was published
for
org.keycloak:keycloak-services
(Maven)
Jul 1, 2026
OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority
High
CVE-2026-53814
was published
for
openclaw
(npm)
Jul 2, 2026
Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds...
High
Unreviewed
CVE-2026-59093
was published
Jul 2, 2026
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1...
Moderate
Unreviewed
CVE-2026-14690
was published
Jul 5, 2026
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0....
Low
Unreviewed
CVE-2026-14693
was published
Jul 5, 2026
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The...
Moderate
Unreviewed
CVE-2026-14719
was published
Jul 5, 2026
ProTip!
Advisories are also available from the
GraphQL API