GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,880
Maven: 5,000+
npm: 5,000+
NuGet: 958
pip: 5,000+
Pub: 13
RubyGems: 1,061
Rust: 1,364
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
145,009 advisories
The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database...
Moderate, Unreviewed. CVE-2026-9100 was published May 20, 2026.

A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have...
Moderate, Unreviewed. CVE-2026-20206 was published May 20, 2026.

Prototype pollution in csv parsing logic during import can lead to untrusted file paths (but not...
Moderate, Unreviewed. CVE-2026-9101 was published May 20, 2026.

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform...
Moderate, Unreviewed. CVE-2026-20240 was published May 20, 2026.

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin'...
Moderate, Unreviewed. CVE-2026-20238 was published May 20, 2026.

A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId...
Moderate, Unreviewed. CVE-2026-9087 was published May 20, 2026.

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit...
Moderate, Unreviewed. CVE-2026-8486 was published May 20, 2026.

Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that...
Moderate, Unreviewed. CVE-2023-7346 was published May 20, 2026.

A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could...
Moderate, Unreviewed. CVE-2026-20199 was published May 20, 2026.

MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing...
Moderate, Unreviewed. CVE-2026-9084 was published May 20, 2026.

Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows...
Moderate, Unreviewed. CVE-2026-8487 was published May 20, 2026.

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting,...
Moderate, Unreviewed. CVE-2026-4293 was published May 20, 2026.

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit...
Moderate, Unreviewed. CVE-2026-8488 was published May 20, 2026.

A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco...
Moderate, Unreviewed. CVE-2026-20171 was published May 20, 2026.

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows...
Moderate, Unreviewed. CVE-2026-8485 was published May 20, 2026.

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad...
Moderate, Unreviewed. CVE-2026-5950 was published May 20, 2026.

The HCL DominoIQ RAG feature is affected by a Broken Access Control vulnerability. Under certain...
Moderate, Unreviewed. CVE-2026-21836 was published May 20, 2026.

Missing Authorization vulnerability in ADD-ONS.ORG PDF for Elementor Forms + Drag And Drop...
Moderate, Unreviewed. CVE-2026-45443 was published May 20, 2026.

Microsoft Defender Denial of Service Vulnerability
Moderate, Unreviewed. CVE-2026-45498 was published May 20, 2026.

Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly...
Moderate, Unreviewed. CVE-2026-27405 was published May 20, 2026.

BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a...
Moderate, Unreviewed. CVE-2026-3592 was published May 20, 2026.

Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows...
Moderate, Unreviewed. CVE-2026-27424 was published May 20, 2026.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2026-24573 was published May 20, 2026.

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base...
Moderate, Unreviewed. CVE-2025-31973 was published May 20, 2026.

Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client...
Moderate, Unreviewed. CVE-2026-0857 was published May 20, 2026.
ProTip! Advisories are also available from the GraphQL API.