Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,549
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,798
Pub
13
RubyGems
1,038
Rust
1,237
Swift
53
Unreviewed advisories
All unreviewed
5,000+

71 advisories

Loading
HashiCorp Vault May Expose Tokens to Auth Plugins Due to Incorrect Header Sanitization High
CVE-2026-4525 was published for github.com/hashicorp/vault (Go) Apr 17, 2026
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh... High Unreviewed
CVE-2026-5483 was published Apr 10, 2026
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could... High Unreviewed
CVE-2026-20151 was published Apr 1, 2026
Happy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookies High
CVE-2026-34226 was published for happy-dom (npm) Mar 29, 2026
r74tech Credited to r74tech
Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp... High Unreviewed
CVE-2026-32538 was published Mar 25, 2026
lz4_flex's decompression can leak information from uninitialized memory or reused output buffer High
CVE-2026-32829 was published for lz4_flex (Rust) Mar 16, 2026
Marcono1234 Credited to Marcono1234
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate... High Unreviewed
CVE-2025-11500 was published Mar 16, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows... High Unreviewed
CVE-2026-27370 was published Mar 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my... High Unreviewed
CVE-2026-27406 was published Mar 5, 2026
Fleet: Sensitive Google Calendar credentials disclosed to low-privileged users High
CVE-2026-27465 was published for github.com/fleetdm/fleet/v4 (Go) Feb 26, 2026
prateek-0490 Credited to prateek-0490
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user... High Unreviewed
CVE-2026-27516 was published Feb 24, 2026
Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information... High Unreviewed
CVE-2026-27514 was published Feb 23, 2026
Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizard_reboot.asp... High Unreviewed
CVE-2020-37150 was published Feb 5, 2026
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated... High Unreviewed
CVE-2020-37093 was published Feb 4, 2026
SageMaker Python SDK has Exposed HMAC High
CVE-2026-1777 was published for sagemaker (pip) Feb 2, 2026
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive... High Unreviewed
CVE-2026-24430 was published Jan 26, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in tabbyai Tabby Checkout tabby... High Unreviewed
CVE-2025-68035 was published Jan 22, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies... High Unreviewed
CVE-2025-63019 was published Jan 22, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in AITpro BulletProof Security... High Unreviewed
CVE-2025-67931 was published Jan 8, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Brecht Custom Related Posts... High Unreviewed
CVE-2025-68033 was published Jan 5, 2026
Insertion of Sensitive Information Into Sent Data vulnerability in Renzo Johnson Contact Form 7... High Unreviewed
CVE-2025-68989 was published Dec 30, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in Essekia Tablesome tablesome... High Unreviewed
CVE-2025-68516 was published Dec 24, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in UserElements Ultimate Member... High Unreviewed
CVE-2025-66116 was published Dec 18, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in WP Chill Passster content... High Unreviewed
CVE-2025-64218 was published Dec 18, 2025
Insertion of Sensitive Information Into Sent Data vulnerability in StylemixThemes MasterStudy LMS... High Unreviewed
CVE-2025-64213 was published Dec 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database