GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
4,254 advisories
Filter by severity
Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM (component: EAI). ...
High
Unreviewed
CVE-2026-46885
was published
Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA...
High
Unreviewed
CVE-2026-46873
was published
Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA...
Moderate
Unreviewed
CVE-2026-46877
was published
Jun 17, 2026
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager...
High
Unreviewed
CVE-2026-46867
was published
Jun 17, 2026
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager...
Critical
Unreviewed
CVE-2026-46852
was published
Jun 17, 2026
Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware (component:...
Critical
Unreviewed
CVE-2026-46794
was published
Jun 17, 2026
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component:...
High
Unreviewed
CVE-2026-46804
was published
Jun 17, 2026
Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). ...
Moderate
Unreviewed
CVE-2026-35291
was published
Jun 17, 2026
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component...
High
Unreviewed
CVE-2026-35288
was published
Jun 17, 2026
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component...
High
Unreviewed
CVE-2026-35272
was published
Jun 17, 2026
api-gateway container running with root privilege would allow an attacker to escape the container...
High
Unreviewed
CVE-2024-38487
was published
Jun 16, 2026
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This...
Moderate
Unreviewed
CVE-2026-12313
was published
Jun 16, 2026
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in...
High
Unreviewed
CVE-2026-12289
was published
Jun 16, 2026
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is...
High
Unreviewed
CVE-2026-8176
was published
Jun 16, 2026
Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful...
Moderate
Unreviewed
CVE-2025-9912
was published
Jun 16, 2026
An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate...
High
Unreviewed
CVE-2026-39118
was published
Jun 15, 2026
An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate...
High
Unreviewed
CVE-2026-36213
was published
Jun 15, 2026
Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed...
High
Unreviewed
CVE-2026-12018
was published
Jun 12, 2026
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control...
High
Unreviewed
CVE-2026-45176
was published
Jun 11, 2026
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
High
Unreviewed
CVE-2025-31272
was published
Jun 11, 2026
The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up...
Critical
Unreviewed
CVE-2025-6254
was published
Jun 10, 2026
The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation...
High
Unreviewed
CVE-2026-11616
was published
Jun 9, 2026
nebula-mesh's web UI lacks CSRF tokens on /ui/* mutating endpoints
High
CVE-2026-47725
was published
for
github.com/juev/nebula-mesh
(Go)
Jun 8, 2026
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local...
Moderate
Unreviewed
CVE-2026-44119
was published
Jun 8, 2026
Shopper: Authorization bypass and RBAC privilege escalation in team settings
Critical
CVE-2026-47744
was published
for
shopper/framework
(Composer)
Jun 5, 2026
ProTip!
Advisories are also available from the
GraphQL API