Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,549
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,798
Pub
13
RubyGems
1,038
Rust
1,237
Swift
53
Unreviewed advisories
All unreviewed
5,000+

718 advisories

Loading
ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in... High Unreviewed
CVE-2026-6066 was published Apr 20, 2026
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to... Moderate Unreviewed
CVE-2026-33569 was published Apr 17, 2026
Flowise: Password Reset Link Sent Over Unsecured HTTP High
GHSA-x5w6-38gp-mrqh was published for flowise (npm) Apr 16, 2026
charmedai Credited to charmedai
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur... High Unreviewed
CVE-2026-31923 was published Apr 14, 2026
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud... Moderate Unreviewed
CVE-2026-31924 was published Apr 14, 2026
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0... Moderate Unreviewed
CVE-2026-21742 was published Apr 14, 2026
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0... Moderate Unreviewed
CVE-2026-22155 was published Apr 14, 2026
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite Low Unreviewed
CVE-2012-5562 was published Apr 23, 2022
IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on... Moderate Unreviewed
CVE-2026-4820 was published Apr 1, 2026
The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is... Low Unreviewed
CVE-2026-5115 was published Mar 31, 2026
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure... Moderate Unreviewed
CVE-2026-32745 was published Mar 13, 2026
A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy,... Moderate Unreviewed
CVE-2026-5119 was published Mar 30, 2026
IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to... Moderate Unreviewed
CVE-2025-64648 was published Mar 25, 2026
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of... Moderate Unreviewed
CVE-2026-1014 was published Mar 25, 2026
OpenClaw has an opt-in insecure Control UI auth over plaintext HTTP could allow privileged access Moderate
CVE-2026-32034 was published for openclaw (npm) Mar 3, 2026
Vasco0x4 Credited to Vasco0x4
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated... Moderate Unreviewed
CVE-2026-20115 was published Mar 25, 2026
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client... High Unreviewed
CVE-2026-30795 was published Mar 5, 2026
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk... High Unreviewed
CVE-2026-30796 was published Mar 5, 2026
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information... Critical Unreviewed
CVE-2023-39245 was published Feb 15, 2024
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to... Moderate Unreviewed
CVE-2021-39090 was published Feb 29, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed
CVE-2023-42016 was published Feb 9, 2024
"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information... Moderate Unreviewed
CVE-2022-38710 was published Nov 4, 2022
Unencrypted ingress/health traffic when using Wireguard transparent encryption Moderate
CVE-2024-25630 was published for github.com/cilium/cilium (Go) Feb 20, 2024
gandro Credited to gandro and giorio94 giorio94 giorio94
Unencrypted traffic between pods when using Wireguard and an external kvstore Moderate
CVE-2024-25631 was published for github.com/cilium/cilium (Go) Feb 20, 2024
gandro Credited to gandro and giorio94 giorio94 giorio94
Service information is not encrypted when transmitted as BACnet packets over the wire, and can... Critical Unreviewed
CVE-2026-24060 was published Mar 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database