GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,553
Composer 5,554
Erlang 49
GitHub Actions 49
Go 3,426
Maven 6,365
npm 5,645
NuGet 882
pip 4,670
Pub 13
RubyGems 1,029
Rust 1,212
Swift 53

Unreviewed advisories

All unreviewed 296,666

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,533 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code... Critical Unreviewed

CVE-2026-22679 was published Apr 7, 2026

Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows... High Unreviewed

CVE-2026-4272 was published Apr 6, 2026

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows... High Unreviewed

CVE-2019-25686 was published Apr 5, 2026

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that... High Unreviewed

CVE-2019-25678 was published Apr 5, 2026

Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers... High Unreviewed

CVE-2018-25246 was published Apr 4, 2026

Microsoft VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows... High Unreviewed

CVE-2018-25241 was published Apr 4, 2026

A specific administrative endpoint is accessible without proper authentication, exposing device... High Unreviewed

CVE-2026-32646 was published Apr 3, 2026

A specific administrative endpoint notifications is accessible without proper authentication. Moderate Unreviewed

CVE-2026-28767 was published Apr 3, 2026

A specific endpoint exposes all user account information for registered Gardyn users without... Critical Unreviewed

CVE-2026-28766 was published Apr 3, 2026

Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker... Critical Unreviewed

CVE-2026-32211 was published Apr 3, 2026

HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows... Critical Unreviewed

CVE-2025-15620 was published Apr 2, 2026

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's... Moderate Unreviewed

CVE-2026-29132 was published Apr 2, 2026

HCL BigFix Platform is affected by insufficient authentication. The application might allow... Moderate Unreviewed

CVE-2026-21767 was published Apr 2, 2026

A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic... Moderate Unreviewed

CVE-2025-67805 was published Apr 1, 2026

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the... Moderate Unreviewed

CVE-2026-34999 was published Apr 1, 2026

The MAVLink communication protocol does not require cryptographic authentication by default.... Critical Unreviewed

CVE-2026-1579 was published Mar 31, 2026

The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows... Critical Unreviewed

CVE-2026-3356 was published Mar 31, 2026

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated... High Unreviewed

CVE-2018-25224 was published Mar 28, 2026

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated... High Unreviewed

CVE-2018-25225 was published Mar 28, 2026

Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without... Moderate Unreviewed

CVE-2026-34411 was published Mar 27, 2026

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may... Moderate Unreviewed

CVE-2026-33366 was published Mar 27, 2026

Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows... Moderate Unreviewed

CVE-2026-3527 was published Mar 26, 2026

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the ... High Unreviewed

CVE-2026-24068 was published Mar 26, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9... Moderate Unreviewed

CVE-2026-1724 was published Mar 25, 2026

SHARP routers do not perform authentication for some web APIs. The device information may be... Moderate Unreviewed

CVE-2026-32326 was published Mar 25, 2026

Previous1…62 Next

Previous 1 2 3 4 5 … 61 62 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,533 advisories