GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,599
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,828
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,786 advisories
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module.
Critical
Unreviewed
CVE-2025-50229
was published
Apr 23, 2026
Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation...
Critical
Unreviewed
CVE-2026-34415
was published
Apr 22, 2026
BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2...
Critical
Unreviewed
CVE-2026-39920
was published
Apr 24, 2026
Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who...
Critical
Unreviewed
CVE-2026-6919
was published
Apr 23, 2026
Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an...
Critical
Unreviewed
CVE-2026-21515
was published
Apr 24, 2026
The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing...
Critical
Unreviewed
CVE-2026-6349
was published
Apr 16, 2026
Delta Electronics AS320T has no checking of the length of the buffer with the directory name...
Critical
Unreviewed
CVE-2026-1951
was published
Apr 24, 2026
Delta Electronics AS320T has no checking of the length of the buffer with the file name...
Critical
Unreviewed
CVE-2026-1950
was published
Apr 24, 2026
Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.
Critical
Unreviewed
CVE-2026-1952
was published
Apr 24, 2026
Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT...
Critical
Unreviewed
CVE-2026-1949
was published
Apr 24, 2026
A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to...
Critical
Unreviewed
CVE-2026-40630
was published
Apr 24, 2026
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be...
Critical
Unreviewed
CVE-2026-35503
was published
Apr 24, 2026
A vulnerability exists in SenseLive X3050’s web management interface in which password updates...
Critical
Unreviewed
CVE-2026-39462
was published
Apr 24, 2026
A vulnerability in SenseLive X3050’s embedded management service allows full administrative...
Critical
Unreviewed
CVE-2026-40620
was published
Apr 24, 2026
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and...
Critical
Unreviewed
CVE-2026-25775
was published
Apr 24, 2026
A vulnerability exists in SenseLive X3050's web management interface that allows critical...
Critical
Unreviewed
CVE-2026-27843
was published
Apr 24, 2026
URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized...
Critical
Unreviewed
CVE-2026-33102
was published
Apr 24, 2026
Server-side request forgery (SSRF) in Microsoft Dynamics 365 (Online) allows an unauthorized...
Critical
Unreviewed
CVE-2026-32210
was published
Apr 24, 2026
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate...
Critical
Unreviewed
CVE-2026-24303
was published
Apr 24, 2026
KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve...
Critical
Unreviewed
CVE-2026-26210
was published
Apr 24, 2026
Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-33819
was published
Apr 24, 2026
Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an...
Critical
Unreviewed
CVE-2026-35431
was published
Apr 24, 2026
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Critical
Unreviewed
CVE-2026-31178
was published
Apr 23, 2026
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Critical
Unreviewed
CVE-2026-31181
was published
Apr 23, 2026
An issue in Ntfy ntfy.sh before v.2.21 allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2026-39087
was published
Apr 23, 2026
ProTip! Advisories are also available from the GraphQL API