GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,402
Composer 5,653
Erlang 49
GitHub Actions 50
Go 3,599
Maven 6,431
npm 5,897
NuGet 924
pip 4,828
Pub 13
RubyGems 1,045
Rust 1,256
Swift 53

Unreviewed advisories

All unreviewed 299,275

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,787 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on... Critical Unreviewed

CVE-2026-33519 was published Apr 21, 2026

An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows... Critical Unreviewed

CVE-2026-33518 was published Apr 21, 2026

Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite ... Critical Unreviewed

CVE-2026-34275 was published Apr 21, 2026

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager... Critical Unreviewed

CVE-2026-34279 was published Apr 21, 2026

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Critical Unreviewed

CVE-2026-34285 was published Apr 21, 2026

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware ... Critical Unreviewed

CVE-2026-34286 was published Apr 21, 2026

An insecure direct object reference vulnerability in the Users API component of Crafty Controller... Critical Unreviewed

CVE-2026-5652 was published Apr 21, 2026

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net:... Critical Unreviewed

CVE-2025-15638 was published Apr 21, 2026

CrowdStrike has released security updates to address a critical unauthenticated path traversal... Critical Unreviewed

CVE-2026-40050 was published Apr 21, 2026

This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0... Critical Unreviewed

CVE-2026-21571 was published Apr 21, 2026

Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon... Critical Unreviewed

CVE-2019-25714 was published Apr 21, 2026

SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an... Critical Unreviewed

CVE-2025-41029 was published Apr 21, 2026

Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored... Critical Unreviewed

CVE-2017-20230 was published Apr 21, 2026

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the... Critical Unreviewed

CVE-2026-38835 was published Apr 21, 2026

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150. Critical Unreviewed

CVE-2026-6768 was published Apr 21, 2026

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and... Critical Unreviewed

CVE-2026-6771 was published Apr 21, 2026

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150. Critical Unreviewed

CVE-2026-6760 was published Apr 21, 2026

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in... Critical Unreviewed

CVE-2026-6748 was published Apr 21, 2026

NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2026-5965 was published Apr 21, 2026

The obsolete nis_local_principal function in the GNU C Library version 2.43 and older may... Critical Unreviewed

CVE-2026-5358 was published Apr 20, 2026

Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library... Critical Unreviewed

CVE-2026-5450 was published Apr 20, 2026

Vvveb CMS v1.0.8 contains a remote code execution vulnerability in its media management... Critical Unreviewed

CVE-2026-6257 was published Apr 20, 2026

In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a... Critical Unreviewed

CVE-2026-29646 was published Apr 20, 2026

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] ... Critical Unreviewed

CVE-2026-29649 was published Apr 20, 2026

Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update... Critical Unreviewed

CVE-2026-30269 was published Apr 20, 2026

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,787 advisories