GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Backoffice User can bypass "Publish" restriction Low
CVE-2023-48227 was published for Umbraco.CMS (NuGet) Dec 13, 2023
Credited to roie-shmuel
Privilege Escalation using Spoofing Moderate
CVE-2023-49273 was published for Umbraco.CMS (NuGet) Dec 13, 2023
Credited to jerpenol
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service Low
CVE-2024-27086 was published for Microsoft.Identity.Client (NuGet) Apr 16, 2024
Credited to localden, ashok672, bgavrilMS, gladjohn, pmaytak, jmprieur, christothes, and ntc-swiss-team
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low
CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024
Credited to thanhlam-attt
TShock Security Escalation Exploit High
GHSA-hvm9-wc8j-mgrc was published for TShock (NuGet) Dec 18, 2024
Credited to sgkoishi and THEXN
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality Moderate
CVE-2025-27601 was published for Umbraco.Cms.Api.Management (NuGet) Mar 11, 2025
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content Moderate
CVE-2025-27602 was published for Umbraco.Cms.Web.Backoffice (NuGet) Mar 11, 2025
Credited to hazemeldoc
DNN.PLATFORM possibly allows bypass of IP Filters High
CVE-2025-52487 was published for DNN.PLATFORM (NuGet) Jun 20, 2025
Credited to valadas, bdukes, and mitchelsellers
Duplicate Advisory: OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access Low
GHSA-vmvw-pwwf-cc2w was published for openclaw (NuGet) Mar 21, 2026 withdrawn