GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,615
Maven: 5,000+
npm: 5,000+
NuGet: 925
pip: 4,835
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,836 advisories
Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed...
Critical, Unreviewed
CVE-2026-41446 was published Apr 29, 2026

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with...
Critical, Unreviewed
CVE-2026-3893 was published Apr 28, 2026

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication...
Critical, Unreviewed
CVE-2026-24178 was published Apr 28, 2026

** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request...
Critical, Unreviewed
CVE-2026-41873 was published Apr 28, 2026

Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This...
Critical, Unreviewed
CVE-2026-7321 was published Apr 28, 2026

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer...
Critical, Unreviewed
CVE-2026-27760 was published Apr 28, 2026

An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically...
Critical, Unreviewed
CVE-2026-5779 was published Apr 28, 2026

Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
Critical, Unreviewed
CVE-2026-32644 was published Apr 28, 2026

In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized...
Critical, Unreviewed
CVE-2026-40976 was published Apr 28, 2026

A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is...
Critical, Unreviewed
CVE-2026-31255 was published Apr 27, 2026

MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication...
Critical, Unreviewed
CVE-2026-35903 was published Apr 27, 2026

ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in...
Critical, Unreviewed
CVE-2026-41462 was published Apr 27, 2026

A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl...
Critical, Unreviewed
CVE-2026-30352 was published Apr 27, 2026

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The...
Critical, Unreviewed
CVE-2026-41409 was published Apr 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed
CVE-2026-22336 was published Apr 27, 2026

Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows...
Critical, Unreviewed
CVE-2026-22337 was published Apr 27, 2026

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in...
Critical, Unreviewed
CVE-2026-33453 was published Apr 27, 2026

The Camel-Mail component is vulnerable to Camel message header injection. The custom header...
Critical, Unreviewed
CVE-2026-33454 was published Apr 27, 2026

Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static...
Critical, Unreviewed
CVE-2026-41635 was published Apr 27, 2026

JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms,...
Critical, Unreviewed
CVE-2026-40860 was published Apr 27, 2026

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case...
Critical, Unreviewed
CVE-2026-40453 was published Apr 27, 2026

Successful exploitation of the string injection vulnerability could allow an attacker to obtain...
Critical, Unreviewed
CVE-2026-3008 was published Apr 27, 2026

An insufficient encryption vulnerability exists in the Device Authentication functionality of...
Critical, Unreviewed
CVE-2026-42363 was published Apr 27, 2026

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send:...
Critical, Unreviewed
CVE-2026-31682 was published Apr 25, 2026

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64:...
Critical, Unreviewed
CVE-2026-31685 was published Apr 25, 2026
ProTip! Advisories are also available from the GraphQL API