GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,466
Composer 5,807
Erlang 58
GitHub Actions 50
Go 3,799
Maven 6,560
npm 6,147
NuGet 938
pip 5,036
Pub 13
RubyGems 1,059
Rust 1,351
Swift 54

Unreviewed advisories

All unreviewed 302,290

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an... Critical Unreviewed

CVE-2026-40379 was published May 12, 2026

Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to... Critical Unreviewed

CVE-2026-25199 was published May 8, 2026

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized... Critical Unreviewed

CVE-2026-42826 was published May 8, 2026

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path... Critical Unreviewed

CVE-2026-7381 was published Apr 30, 2026

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an... Critical Unreviewed

CVE-2026-21515 was published Apr 24, 2026

A sensitive information exposure vulnerability exists in ArthurFiorette steam-trader 2.1.1. An... Critical Unreviewed

CVE-2026-5128 was published Mar 30, 2026

Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote,... Critical Unreviewed

CVE-2025-60949 was published Mar 24, 2026

OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the... Critical Unreviewed

CVE-2026-32865 was published Mar 19, 2026

The Agentspace service was affected by a vulnerability that exposed sensitive information due to... Critical Unreviewed

CVE-2026-1727 was published Feb 7, 2026

Access control settings for forum post custom fields are not applied to the JSON output type,... Critical Unreviewed

CVE-2026-21626 was published Feb 6, 2026

Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an... Critical Unreviewed

CVE-2026-0905 was published Jan 20, 2026

The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation.... Critical Unreviewed

CVE-2026-22237 was published Jan 14, 2026

The vulnerability exists in BLUVOYIX due to an improper password storage implementation and... Critical Unreviewed

CVE-2026-22240 was published Jan 14, 2026

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet... Critical Unreviewed

CVE-2025-47855 was published Jan 13, 2026

A vulnerability has been identified in the ServiceNow AI Platform that could enable an... Critical Unreviewed

CVE-2025-12420 was published Jan 13, 2026

This vulnerability allows a Backup or Tape Operator to write files as root. Critical Unreviewed

CVE-2025-59469 was published Jan 8, 2026

The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive... Critical Unreviewed

CVE-2025-11693 was published Dec 13, 2025

An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can... Critical Unreviewed

CVE-2025-65820 was published Dec 10, 2025

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are... Critical Unreviewed

CVE-2025-54304 was published Dec 4, 2025

An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers... Critical Unreviewed

CVE-2025-63729 was published Nov 25, 2025

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (... Critical Unreviewed

CVE-2025-63958 was published Nov 24, 2025

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR... Critical Unreviewed

CVE-2017-20210 was published Nov 11, 2025

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Critical Unreviewed

CVE-2025-11749 was published Nov 5, 2025

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1... Critical Unreviewed

CVE-2025-29270 was published Oct 31, 2025

Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12363 was published Oct 27, 2025

Previous1…10 Next

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

240 advisories