GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 40
Go: 2,974
Maven: 5,000+
npm: 4,621
NuGet: 788
pip: 4,317
Pub: 12
RubyGems: 984
Rust: 1,131
Swift: 49
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,878 advisories
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA)...
Critical, Unreviewed: CVE-2026-1731 was published Feb 7, 2026
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary...
Critical, Unreviewed: CVE-2021-35942 was published May 24, 2022
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service...
Critical, Unreviewed: CVE-2026-26333 was published Feb 13, 2026
Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured...
Critical, Unreviewed: CVE-2026-26335 was published Feb 13, 2026
A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1...
Critical, Unreviewed: CVE-2025-69770 was published Feb 13, 2026
OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c.
Critical, Unreviewed: CVE-2021-38383 was published May 24, 2022
Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to...
Critical, Unreviewed: CVE-2025-34153 was published Aug 13, 2025
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due...
Critical, Unreviewed: CVE-2024-54819 was published Jan 7, 2025
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer...
Critical, Unreviewed: CVE-2026-26221 was published Feb 13, 2026
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting (XSS)...
Critical, Unreviewed: CVE-2025-68723 was published Feb 5, 2026
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the...
Critical, Unreviewed: CVE-2025-68721 was published Feb 5, 2026
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple...
Critical, Unreviewed: CVE-2026-1358 was published Feb 13, 2026
Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm...
Critical, Unreviewed: CVE-2019-25322 was published Feb 13, 2026
CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list query interface (/user/list)...
Critical, Unreviewed: CVE-2025-70981 was published Feb 12, 2026
A race condition was addressed with improved handling of symbolic links. This issue is fixed in...
Critical, Unreviewed: CVE-2026-20677 was published Feb 12, 2026
newbee-mall includes pre-seeded administrator accounts in its database initialization script....
Critical, Unreviewed: CVE-2026-26218 was published Feb 12, 2026
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The...
Critical, Unreviewed: CVE-2026-26219 was published Feb 12, 2026
webfsd 1.21 is vulnerable to a Buffer Overflow via a crafted request. This is due to the filename...
Critical, Unreviewed: CVE-2025-70314 was published Feb 12, 2026
Microsoft Configuration Manager Remote Code Execution Vulnerability
Critical, Unreviewed: CVE-2024-43468 was published Oct 8, 2024
An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes...
Critical, Unreviewed: CVE-2025-70085 was published Feb 11, 2026
METIS DFS devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console...
Critical, Unreviewed: CVE-2026-2249 was published Feb 11, 2026
METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console...
Critical, Unreviewed: CVE-2026-2248 was published Feb 11, 2026
Galaxy FDS Android SDK (XiaoMi/galaxy-fds-sdk-android) version 3.0.8 and prior disable TLS...
Critical, Unreviewed: CVE-2026-26214 was published Feb 12, 2026
Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker...
Critical, Unreviewed: CVE-2025-69634 was published Feb 12, 2026
Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to...
Critical, Unreviewed: CVE-2025-67135 was published Feb 12, 2026
ProTip! Advisories are also available from the GraphQL API.