GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
17,529 advisories
Filter by severity
A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls...
Low
Unreviewed
CVE-2026-57587
was published
Jun 25, 2026
A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file...
Low
Unreviewed
CVE-2026-57588
was published
Jun 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2026-54829
was published
Jun 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2026-54836
was published
Jun 25, 2026
Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions.
High
Unreviewed
CVE-2026-54838
was published
Jun 25, 2026
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
Critical
Unreviewed
CVE-2026-54843
was published
Jun 25, 2026
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
Critical
Unreviewed
CVE-2026-54849
was published
Jun 25, 2026
Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.
High
Unreviewed
CVE-2026-54822
was published
Jun 25, 2026
The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for...
High
Unreviewed
CVE-2026-12937
was published
Jun 25, 2026
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’...
Moderate
Unreviewed
CVE-2026-12079
was published
Jun 25, 2026
The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ...
Moderate
Unreviewed
CVE-2026-2508
was published
Jun 25, 2026
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via ...
High
Unreviewed
CVE-2026-12077
was published
Jun 25, 2026
Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9783
was published
Jun 25, 2026
Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9785
was published
Jun 25, 2026
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9786
was published
Jun 25, 2026
Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9784
was published
Jun 25, 2026
Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9781
was published
Jun 25, 2026
Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-9782
was published
Jun 25, 2026
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-7570
was published
Jun 25, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2026-56052
was published
Jun 24, 2026
The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order'...
High
Unreviewed
CVE-2026-9179
was published
Jun 24, 2026
The ClearSale Total plugin for WordPress is vulnerable to SQL Injection via the `pagseguro[metodo...
High
Unreviewed
CVE-2026-8705
was published
Jun 24, 2026
An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to...
High
Unreviewed
CVE-2025-61029
was published
Jun 23, 2026
An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows...
High
Unreviewed
CVE-2025-61024
was published
Jun 23, 2026
An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers...
High
Unreviewed
CVE-2025-61028
was published
Jun 23, 2026
ProTip!
Advisories are also available from the
GraphQL API