GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,599
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,828
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
143,258 advisories
A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to...
Moderate, Unreviewed. CVE-2026-6980 was published Apr 25, 2026.

A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this...
Moderate, Unreviewed. CVE-2026-6982 was published Apr 25, 2026.

A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to...
Moderate, Unreviewed. CVE-2026-6981 was published Apr 25, 2026.

A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the...
Moderate, Unreviewed. CVE-2026-6979 was published Apr 25, 2026.

A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function...
Moderate, Unreviewed. CVE-2026-6978 was published Apr 25, 2026.

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is...
Moderate, Unreviewed. CVE-2026-6977 was published Apr 25, 2026.

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI...
Moderate, Unreviewed. CVE-2026-41472 was published Apr 24, 2026.

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low...
Moderate, Unreviewed. CVE-2025-67259 was published Apr 24, 2026.

In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution...
Moderate, Unreviewed. CVE-2025-59308 was published Apr 24, 2026.

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection...
Moderate, Unreviewed. CVE-2026-42095 was published Apr 24, 2026.

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a...
Moderate, Unreviewed. CVE-2026-5265 was published Apr 24, 2026.

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via...
Moderate, Unreviewed. CVE-2025-61872 was published Apr 24, 2026.

The asset dependency graph did not restrict nodes by the viewer's DAG read permissions: a user...
Moderate, Unreviewed. CVE-2026-40690 was published Apr 24, 2026.

The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in...
Moderate, Unreviewed. CVE-2026-38743 was published Apr 24, 2026.

Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote...
Moderate, Unreviewed. CVE-2026-31050 was published Apr 24, 2026.

An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of...
Moderate, Unreviewed. CVE-2026-31052 was published Apr 24, 2026.

Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This...
Moderate, Unreviewed. CVE-2025-62233 was published Apr 24, 2026.

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate, Unreviewed. CVE-2026-41043 was published Apr 24, 2026.

The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2025-11762 was published Apr 24, 2026.

The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to...
Moderate, Unreviewed. CVE-2026-3565 was published Apr 24, 2026.

The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all...
Moderate, Unreviewed. CVE-2026-3569 was published Apr 24, 2026.

The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple...
Moderate, Unreviewed. CVE-2026-4078 was published Apr 24, 2026.

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up...
Moderate, Unreviewed. CVE-2026-5347 was published Apr 24, 2026.

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate, Unreviewed. CVE-2026-5428 was published Apr 24, 2026.

The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2026-5488 was published Apr 24, 2026.