GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,043
Composer 5,887
Erlang 70
GitHub Actions 52
Go 3,904
Maven 6,602
npm 6,308
NuGet 967
pip 5,167
Pub 13
RubyGems 1,062
Rust 1,374
Swift 54

Unreviewed advisories

All unreviewed 304,472

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

159,159 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting... Moderate Unreviewed

CVE-2026-49052 was published May 27, 2026

Webmin before 2.640 allows mailboxes/detach.cgi XSS via an SVG document attachment that is viewed... Moderate Unreviewed

CVE-2026-49102 was published May 27, 2026

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a... Moderate Unreviewed

CVE-2026-48927 was published May 27, 2026

A cross-site request forgery (CSRF) vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b_b_d... Moderate Unreviewed

CVE-2026-9674 was published May 27, 2026

Jenkins AppSpider Plugin 1.0.17 and earlier does not perform a permission check in a method... Moderate Unreviewed

CVE-2026-48923 was published May 27, 2026

A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and... Moderate Unreviewed

CVE-2026-48925 was published May 27, 2026

Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login,... Moderate Unreviewed

CVE-2026-48924 was published May 27, 2026

Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in... Moderate Unreviewed

CVE-2026-48926 was published May 27, 2026

Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows... Moderate Unreviewed

CVE-2026-47119 was published May 27, 2026

Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default. Moderate Unreviewed

CVE-2026-48918 was published May 27, 2026

Jenkins LDAP Plugin 807.v7d7de30930cf and earlier follows LDAP referrals. Moderate Unreviewed

CVE-2026-48916 was published May 27, 2026

Jenkins LDAP Plugin 807.v7d7de30930cf and earlier deserializes data from LDAP referrals without... Moderate Unreviewed

CVE-2026-48917 was published May 27, 2026

Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without... Moderate Unreviewed

CVE-2026-48919 was published May 27, 2026

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled... Moderate Unreviewed

CVE-2026-6936 was published May 27, 2026

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote... Moderate Unreviewed

CVE-2026-6938 was published May 27, 2026

IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by... Moderate Unreviewed

CVE-2026-7254 was published May 27, 2026

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection... Moderate Unreviewed

CVE-2026-8405 was published May 27, 2026

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed... Moderate Unreviewed

CVE-2026-9035 was published May 27, 2026

A flaw was found in Keycloak. An authenticated user with low privileges can exploit this... Moderate Unreviewed

CVE-2026-9704 was published May 27, 2026

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... Moderate Unreviewed

CVE-2026-9617 was published May 27, 2026

IBM Business Automation Workflow containers and traditional may leak information about its... Moderate Unreviewed

CVE-2026-1248 was published May 27, 2026

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the delete.php endpoint of... Moderate Unreviewed

CVE-2026-30498 was published May 27, 2026

IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application... Moderate Unreviewed

CVE-2026-5516 was published May 27, 2026

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in... Moderate Unreviewed

CVE-2026-47104 was published May 27, 2026

Missing Authorization vulnerability in WebToffee Product Import Export for WooCommerce allows... Moderate Unreviewed

CVE-2026-48971 was published May 27, 2026

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

159,159 advisories