GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,606
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,831
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299,311 advisories
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0...
High | Unreviewed | CVE-2025-54756 was published Feb 12, 2026
An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a...
High | Unreviewed | CVE-2025-70886 was published Feb 12, 2026
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an...
Moderate | Unreviewed | CVE-2025-69752 was published Feb 12, 2026
In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.
High | Unreviewed | CVE-2025-61880 was published Feb 12, 2026
Galaxy FDS Android SDK (XiaoMi/galaxy-fds-sdk-android) version 3.0.8 and prior disable TLS...
Critical | Unreviewed | CVE-2026-26214 was published Feb 12, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2025-13002 was published Feb 12, 2026
Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few...
Moderate | Unreviewed | CVE-2026-2003 was published Feb 12, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-10969 was published Feb 12, 2026
Missing validation of multibyte character length in PostgreSQL text manipulation allows a...
High | Unreviewed | CVE-2026-2006 was published Feb 12, 2026
An unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a...
High | Unreviewed | CVE-2023-31313 was published Feb 12, 2026
Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary...
High | Unreviewed | CVE-2026-2005 was published Feb 12, 2026
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2026-1320 was published Feb 12, 2026
Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via...
High | Unreviewed | CVE-2026-2007 was published Feb 12, 2026
The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2026-1104 was published Feb 12, 2026
Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing...
Critical | Unreviewed | CVE-2025-14014 was published Feb 12, 2026
Missing validation of type of input in PostgreSQL intarray extension selectivity estimator...
High | Unreviewed | CVE-2026-2004 was published Feb 12, 2026
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce...
Moderate | Unreviewed | CVE-2025-13004 was published Feb 12, 2026
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site...
High | Unreviewed | CVE-2026-1316 was published Feb 12, 2026
The Activity Log for WordPress plugin for WordPress is vulnerable to unauthorized access of data...
Moderate | Unreviewed | CVE-2026-1671 was published Feb 12, 2026
The affected devices do not validate the server certificate when connecting to the SolaX Cloud...
Critical | Unreviewed | CVE-2025-15573 was published Feb 12, 2026
The firmware update functionality does not verify the authenticity of the supplied firmware...
Moderate | Unreviewed | CVE-2025-15575 was published Feb 12, 2026
The Converter for Media – Optimize images | Convert WebP & AVIF plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-1356 was published Feb 12, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Wix web application, where the endpoint...
Moderate | Unreviewed | CVE-2026-2276 was published Feb 12, 2026
When connecting to the Solax Cloud MQTT server the username is the "registration number", which...
Moderate | Unreviewed | CVE-2025-15574 was published Feb 12, 2026
Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject...
Moderate | Unreviewed | CVE-2025-41117 was published Feb 12, 2026
ProTip! Advisories are also available from the GraphQL API.