GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
374 advisories
Filter by severity
A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects...
Low
Unreviewed
CVE-2026-13513
was published
Jun 29, 2026
A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function...
Low
Unreviewed
CVE-2026-13507
was published
Jun 29, 2026
A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function...
Low
Unreviewed
CVE-2026-13483
was published
Jun 28, 2026
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login...
Moderate
Unreviewed
CVE-2026-9242
was published
Jun 27, 2026
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that...
Critical
Unreviewed
CVE-2026-56073
was published
Jun 20, 2026
Insufficient Verification of Data Authenticity vulnerability in Apache APISIX.
The openid...
Moderate
Unreviewed
CVE-2026-44087
was published
Jun 19, 2026
Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a...
Moderate
Unreviewed
CVE-2026-53899
was published
Jun 16, 2026
Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP...
Moderate
Unreviewed
CVE-2026-53900
was published
Jun 16, 2026
Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for...
High
Unreviewed
CVE-2026-53406
was published
Jun 12, 2026
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More...
Moderate
Unreviewed
CVE-2026-7792
was published
Jun 6, 2026
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2026-8608
was published
Jun 6, 2026
The /v1/Plan service relies entirely on a shared global API token for full administrative...
Critical
Unreviewed
CVE-2026-50214
was published
Jun 4, 2026
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1,...
High
Unreviewed
CVE-2022-4992
was published
Jun 3, 2026
The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Payment Bypass...
Moderate
Unreviewed
CVE-2026-9189
was published
May 29, 2026
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...
High
Unreviewed
CVE-2026-3012
was published
May 27, 2026
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher...
Moderate
Unreviewed
CVE-2026-25602
was published
May 20, 2026
A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function...
Moderate
Unreviewed
CVE-2026-7611
was published
May 2, 2026
A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function...
Moderate
Unreviewed
CVE-2026-7606
was published
May 2, 2026
The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via...
Moderate
Unreviewed
CVE-2026-6498
was published
Apr 30, 2026
A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the...
Moderate
Unreviewed
CVE-2026-6986
was published
Apr 25, 2026
When calling base64.b64decode() or related functions the decoding process would stop after...
Moderate
Unreviewed
CVE-2026-3446
was published
Apr 10, 2026
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More...
Moderate
Unreviewed
CVE-2026-3177
was published
Apr 7, 2026
An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows...
Moderate
Unreviewed
CVE-2026-30603
was published
Apr 2, 2026
The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X...
High
Unreviewed
CVE-2026-4984
was published
Mar 27, 2026
A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verify of the file...
Moderate
Unreviewed
CVE-2026-4115
was published
Mar 22, 2026
ProTip!
Advisories are also available from the
GraphQL API