GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,599
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,828
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
113,224 advisories
NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp...
High, Unreviewed. CVE-2026-42171 was published Apr 25, 2026.

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI...
High, Unreviewed. CVE-2026-41473 was published Apr 24, 2026.

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 ...
High, Unreviewed. CVE-2026-5367 was published Apr 24, 2026.

Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with...
High, Unreviewed. CVE-2026-23902 was published Apr 24, 2026.

Improper Input Validation, Improper Control of Generation of Code ('Code Injection')...
High, Unreviewed. CVE-2026-41044 was published Apr 24, 2026.

Improper Input Validation, Improper Control of Generation of Code ('Code Injection')...
High, Unreviewed. CVE-2026-40466 was published Apr 24, 2026.

P4 Server versions prior to 2026.1 are configured with insecure default settings that, when...
High, Unreviewed. CVE-2026-6043 was published Apr 24, 2026.

Tempo queries with large limits can cause large memory allocations which can impact the...
High, Unreviewed. CVE-2026-21728 was published Apr 24, 2026.

A client holding only a read JWT scope can still register itself as a signal provider through the...
High, Unreviewed. CVE-2026-6272 was published Apr 24, 2026.

The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary...
High, Unreviewed. CVE-2026-5364 was published Apr 24, 2026.

DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability,...
High, Unreviewed. CVE-2026-6947 was published Apr 24, 2026.

A vulnerability in SenseLive X3050's web management interface allows state-changing operations to...
High, Unreviewed. CVE-2026-27841 was published Apr 24, 2026.

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of...
High, Unreviewed. CVE-2026-35064 was published Apr 24, 2026.

A vulnerability in SenseLive X3050's web management interface allows critical system and network...
High, Unreviewed. CVE-2026-40623 was published Apr 24, 2026.

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated...
High, Unreviewed. CVE-2026-41359 was published Apr 24, 2026.

Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to...
High, Unreviewed. CVE-2026-26150 was published Apr 24, 2026.

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to...
High, Unreviewed. CVE-2026-32172 was published Apr 24, 2026.

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that...
High, Unreviewed. CVE-2026-41334 was published Apr 24, 2026.

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR...
High, Unreviewed. CVE-2026-41336 was published Apr 24, 2026.

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to...
High, Unreviewed. CVE-2026-41349 was published Apr 24, 2026.

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles...
High, Unreviewed. CVE-2026-41353 was published Apr 24, 2026.

OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired...
High, Unreviewed. CVE-2026-41352 was published Apr 24, 2026.

OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote...
High, Unreviewed. CVE-2026-41342 was published Apr 24, 2026.

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in...
High, Unreviewed. CVE-2026-28525 was published Apr 23, 2026.

A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to...
High, Unreviewed. CVE-2026-6376 was published Apr 23, 2026.