GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,606
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,831
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,219 advisories
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity...
Critical | Unreviewed | CVE-2026-41460 was published Apr 23, 2026

Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module.
Critical | Unreviewed | CVE-2025-50229 was published Apr 23, 2026

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a SQL Injection...
Critical | Unreviewed | CVE-2026-6887 was published Apr 23, 2026

In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL...
Critical | Unreviewed | CVE-2026-29198 was published Apr 23, 2026

SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an...
Critical | Unreviewed | CVE-2025-41029 was published Apr 21, 2026

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management...
Critical | Unreviewed | CVE-2026-39109 was published Apr 20, 2026

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated...
Critical | Unreviewed | CVE-2026-5963 was published Apr 20, 2026

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated...
Critical | Unreviewed | CVE-2026-5964 was published Apr 20, 2026

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote...
Critical | Unreviewed | CVE-2026-37749 was published Apr 17, 2026

Unauthenticated user is able to execute arbitrary SQL commands in Sparx Pro Cloud Server database...
Critical | Unreviewed | CVE-2025-15625 was published Apr 17, 2026

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the...
Critical | Unreviewed | CVE-2026-37339 was published Apr 16, 2026

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the...
Critical | Unreviewed | CVE-2026-37340 was published Apr 16, 2026

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the...
Critical | Unreviewed | CVE-2026-37345 was published Apr 16, 2026

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the...
Critical | Unreviewed | CVE-2026-37338 was published Apr 16, 2026

SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in...
Critical | Unreviewed | CVE-2026-37347 was published Apr 16, 2026

A SQL injection vulnerability exists in the School Management System (version 1.0) by...
Critical | Unreviewed | CVE-2025-65133 was published Apr 14, 2026

In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability...
Critical | Unreviewed | CVE-2025-65135 was published Apr 14, 2026

Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store...
Critical | Unreviewed | CVE-2025-63939 was published Apr 14, 2026

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP...
Critical | Unreviewed | CVE-2026-27681 was published Apr 14, 2026

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2026-29861 was published Apr 10, 2026

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode...
Critical | Unreviewed | CVE-2026-36233 was published Apr 10, 2026

SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php...
Critical | Unreviewed | CVE-2026-36236 was published Apr 10, 2026

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online...
Critical | Unreviewed | CVE-2026-36232 was published Apr 10, 2026

itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse...
Critical | Unreviewed | CVE-2026-36234 was published Apr 10, 2026

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online...
Critical | Unreviewed | CVE-2026-36235 was published Apr 10, 2026

ProTip! Advisories are also available from the GraphQL API.