GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,417
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,658
Pub: 13
RubyGems: 1,027
Rust: 1,211
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
906 advisories
OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in...
High · Unreviewed · CVE-2026-22682 was published Apr 7, 2026
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose...
High · Unreviewed · CVE-2026-32173 was published Apr 3, 2026
XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This...
High · Unreviewed · CVE-2025-71278 was published Apr 1, 2026
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any...
High · Unreviewed · CVE-2026-0562 was published Mar 29, 2026
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config...
High · Unreviewed · CVE-2026-32914 was published Mar 29, 2026
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated...
High · Unreviewed · CVE-2026-32972 was published Mar 29, 2026
Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful...
High · Unreviewed · CVE-2026-4933 was published Mar 26, 2026
Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource...
High · Unreviewed · CVE-2026-3573 was published Mar 26, 2026
Vitals ESP developed by Galaxy Software Services has an Incorrect Authorization vulnerability,...
High · Unreviewed · CVE-2026-4639 was published Mar 24, 2026
OpenClaw versions prior to 2026.3.1 contain an authorization mismatch vulnerability that allows...
High · Unreviewed · CVE-2026-32051 was published Mar 21, 2026
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability...
High · Unreviewed · CVE-2026-32042 was published Mar 21, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and...
High · Unreviewed · CVE-2026-21309 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and...
High · Unreviewed · CVE-2026-21289 was published Mar 11, 2026
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.
High · Unreviewed · CVE-2026-26141 was published Mar 10, 2026
Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in...
High · Unreviewed · CVE-2026-29126 was published Mar 5, 2026
An improper authorization vulnerability in GitHub Trigger Comment Control in Google Cloud Build...
High · Unreviewed · CVE-2026-3136 was published Mar 3, 2026
Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected...
High · Unreviewed · CVE-2026-26336 was published Feb 19, 2026
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains...
High · Unreviewed · CVE-2025-4960 was published Feb 19, 2026
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
High · Unreviewed · CVE-2026-1999 was published Feb 18, 2026
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user...
High · Unreviewed · CVE-2026-25566 was published Feb 8, 2026
Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due...
High · Unreviewed · CVE-2026-25859 was published Feb 8, 2026
WeKan versions prior to 8.19 contain an authorization logic vulnerability where the instance...
High · Unreviewed · CVE-2026-25568 was published Feb 8, 2026
WeKan versions prior to 8.19 contain an authorization weakness in the attachment upload API. The...
High · Unreviewed · CVE-2026-25561 was published Feb 8, 2026
WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API...
High · Unreviewed · CVE-2026-25565 was published Feb 8, 2026
Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior...
High · Unreviewed · CVE-2026-23572 was published Feb 5, 2026
ProTip! Advisories are also available from the GraphQL API.