Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

297,382 advisories

Loading
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly... Critical Unreviewed
CVE-2026-34621 was published Apr 11, 2026
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to... High Unreviewed
CVE-2026-5809 was published Apr 11, 2026
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2026-5059 was published Apr 11, 2026
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure... High Unreviewed
CVE-2026-4155 was published Apr 11, 2026
Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution... High Unreviewed
CVE-2026-5496 was published Apr 11, 2026
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-3498 was published Apr 11, 2026
NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2026-5054 was published Apr 11, 2026
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution... High Unreviewed
CVE-2026-5495 was published Apr 11, 2026
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2026-4895 was published Apr 11, 2026
KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation... High Unreviewed
CVE-2026-4158 was published Apr 11, 2026
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2026-5055 was published Apr 11, 2026
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3371 was published Apr 11, 2026
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization... High Unreviewed
CVE-2026-5217 was published Apr 11, 2026
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all... High Unreviewed
CVE-2026-5144 was published Apr 11, 2026
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2026-4154 was published Apr 11, 2026
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-3358 was published Apr 11, 2026
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin... Moderate Unreviewed
CVE-2026-4979 was published Apr 11, 2026
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in... Moderate Unreviewed
CVE-2026-5207 was published Apr 11, 2026
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2026-5226 was published Apr 11, 2026
ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2026-4156 was published Apr 11, 2026
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability... High Unreviewed
CVE-2026-5053 was published Apr 11, 2026
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-4153 was published Apr 11, 2026
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows... Critical Unreviewed
CVE-2026-5058 was published Apr 11, 2026
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution... High Unreviewed
CVE-2026-5494 was published Apr 11, 2026
ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-4157 was published Apr 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database