GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,273
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,489
Swift
61
Unreviewed advisories
All unreviewed
5,000+
954 advisories
Filter by severity
An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an...
Moderate
Unreviewed
CVE-2026-26053
was published
Jul 7, 2026
A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function...
Moderate
Unreviewed
CVE-2026-14792
was published
Jul 6, 2026
A flaw has been found in Craft CMS up to 4.18.0.1. Affected by this vulnerability is the function...
Moderate
Unreviewed
CVE-2026-14794
was published
Jul 6, 2026
A security vulnerability has been detected in SourceCodester Onlne Examination & Learning...
Moderate
Unreviewed
CVE-2026-14778
was published
Jul 6, 2026
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The...
Moderate
Unreviewed
CVE-2026-14719
was published
Jul 5, 2026
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1...
Moderate
Unreviewed
CVE-2026-14690
was published
Jul 5, 2026
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0....
Low
Unreviewed
CVE-2026-14693
was published
Jul 5, 2026
Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds...
High
Unreviewed
CVE-2026-59093
was published
Jul 2, 2026
OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority
High
CVE-2026-53814
was published
for
openclaw
(npm)
Jul 2, 2026
Keycloak has privilege escalation via improper scope mapping enforcement
High
CVE-2026-9795
was published
for
org.keycloak:keycloak-services
(Maven)
Jul 1, 2026
A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role...
High
Unreviewed
CVE-2026-5136
was published
Jul 1, 2026
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation....
Critical
Unreviewed
CVE-2026-57692
was published
Jul 1, 2026
MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile...
High
Unreviewed
CVE-2026-53902
was published
Jul 1, 2026
Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without...
High
Unreviewed
CVE-2026-56247
was published
Jul 1, 2026
A flaw was found in Keycloak. A highly privileged user with `manage-clients` permission can...
Moderate
Unreviewed
CVE-2026-4629
was published
Jun 30, 2026
A flaw was found in the Identity Provider (IdP) mapper component of Keycloak, which is used to...
Moderate
Unreviewed
CVE-2026-12388
was published
Jun 30, 2026
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function...
Low
Unreviewed
CVE-2026-13591
was published
Jun 29, 2026
A weakness has been identified in SourceCodester Inventory Management System 1.0. This...
Moderate
Unreviewed
CVE-2026-13568
was published
Jun 29, 2026
Because O+ Connect's IPC service does not authenticate clients, external applications can...
High
Unreviewed
CVE-2026-22078
was published
Jun 29, 2026
A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown...
Low
Unreviewed
CVE-2026-13544
was published
Jun 29, 2026
A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This...
Low
Unreviewed
CVE-2026-13524
was published
Jun 29, 2026
A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function...
Low
Unreviewed
CVE-2026-13511
was published
Jun 29, 2026
Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website...
Critical
Unreviewed
CVE-2026-56028
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
Critical
Unreviewed
CVE-2026-56030
was published
Jun 26, 2026
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
Critical
Unreviewed
CVE-2026-56033
was published
Jun 26, 2026
ProTip!
Advisories are also available from the
GraphQL API