Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,175
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

43,183 advisories

Loading
Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor... Moderate Unreviewed
CVE-2026-56809 was published Jun 30, 2026
The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-12560 was published Jun 30, 2026
The Team Members – Multi Language Supported Team Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-12114 was published Jun 30, 2026
Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows... Moderate Unreviewed
CVE-2026-57958 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. Moderate Unreviewed
CVE-2026-57326 was published Jun 29, 2026
Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. Moderate Unreviewed
CVE-2026-57328 was published Jun 29, 2026
Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions. Moderate Unreviewed
CVE-2026-57329 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. High Unreviewed
CVE-2026-57333 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions. High Unreviewed
CVE-2026-57320 was published Jun 29, 2026
Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions. Moderate Unreviewed
CVE-2026-57330 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. High Unreviewed
CVE-2026-57337 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. High Unreviewed
CVE-2026-57338 was published Jun 29, 2026
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. High Unreviewed
CVE-2026-57336 was published Jun 29, 2026
A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an... Low Unreviewed
CVE-2026-13567 was published Jun 29, 2026
A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an... Low Unreviewed
CVE-2026-13570 was published Jun 29, 2026
A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects... Low Unreviewed
CVE-2026-13556 was published Jun 29, 2026
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This... Low Unreviewed
CVE-2026-13557 was published Jun 29, 2026
A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by... Low Unreviewed
CVE-2026-13554 was published Jun 29, 2026
A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue... Low Unreviewed
CVE-2026-13558 was published Jun 29, 2026
A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing... Low Unreviewed
CVE-2026-13536 was published Jun 29, 2026
A vulnerability has been found in code-projects Project Management System 1.0. This vulnerability... Low Unreviewed
CVE-2026-13504 was published Jun 28, 2026
A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This... Low Unreviewed
CVE-2026-13499 was published Jun 28, 2026
The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2026-11597 was published Jun 27, 2026
The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2026-12399 was published Jun 27, 2026
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2026-13295 was published Jun 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database