Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,413
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,657
Pub
13
RubyGems
1,027
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,472 advisories

Loading
An issue that allowed MCP agents to access remediation and asset information from outside of the... Moderate Unreviewed
CVE-2026-5374 was published Apr 7, 2026
An issue that could allow an authorized user to view the clear-text secrets for a subset of... Moderate Unreviewed
CVE-2026-5380 was published Apr 7, 2026
An issue that allowed MCP agents to access certificate information from outside of their... Low Unreviewed
CVE-2026-5379 was published Apr 7, 2026
An issue that could allow a credential to be updated and used for a task from outside of the... Moderate Unreviewed
CVE-2026-5384 was published Apr 7, 2026
An issue that could allow access to Explorer groups from outside of the authorized organization... Moderate Unreviewed
CVE-2026-5383 was published Apr 7, 2026
An issue that could expose records outside of the authorized organization scope through the MCP... Low Unreviewed
CVE-2026-5382 was published Apr 7, 2026
An issue that allowed administrators to create and update users outside of their authorized... Moderate Unreviewed
CVE-2026-5378 was published Apr 7, 2026
An issue that could expose task information outside of the authorized organization scope has been... Low Unreviewed
CVE-2026-5381 was published Apr 7, 2026
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2026-32213 was published Apr 3, 2026
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to... Critical Unreviewed
CVE-2026-33105 was published Apr 3, 2026
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose... High Unreviewed
CVE-2026-32173 was published Apr 3, 2026
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This... High Unreviewed
CVE-2025-71278 was published Apr 1, 2026
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams... Low Unreviewed
CVE-2026-34509 was published Mar 31, 2026
When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS... Moderate Unreviewed
CVE-2026-24029 was published Mar 31, 2026
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any... High Unreviewed
CVE-2026-0562 was published Mar 29, 2026
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing write-scoped... Moderate Unreviewed
CVE-2026-32919 was published Mar 29, 2026
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf... Critical Unreviewed
CVE-2026-32915 was published Mar 29, 2026
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config... High Unreviewed
CVE-2026-32914 was published Mar 29, 2026
OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction... Moderate Unreviewed
CVE-2026-32924 was published Mar 29, 2026
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated... High Unreviewed
CVE-2026-32972 was published Mar 29, 2026
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild... Moderate Unreviewed
CVE-2026-32923 was published Mar 29, 2026
Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful... Moderate Unreviewed
CVE-2026-3526 was published Mar 26, 2026
Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful... Moderate Unreviewed
CVE-2026-3525 was published Mar 26, 2026
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful... High Unreviewed
CVE-2026-4933 was published Mar 26, 2026
Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource... High Unreviewed
CVE-2026-3573 was published Mar 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database