Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

159,159 advisories

Loading
Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection Moderate
CVE-2026-45065 was published for symfony/routing (Composer) May 27, 2026
Lack of output escaping leads to a XSS vector in the feed modules. Moderate Unreviewed
CVE-2026-25900 was published May 26, 2026
Lack of output escaping leads to a XSS vector in the content history component. Moderate Unreviewed
CVE-2026-30894 was published May 26, 2026
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for... Moderate Unreviewed
CVE-2026-35221 was published May 26, 2026
Lack of output escaping leads to a XSS vector in the multilingual associations component. Moderate Unreviewed
CVE-2026-25901 was published May 26, 2026
Lack of output escaping leads to a XSS vector in the readmore links for com_content. Moderate Unreviewed
CVE-2026-30895 was published May 26, 2026
Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of... Moderate Unreviewed
CVE-2026-35220 was published May 26, 2026
A vulnerability was found in Dígitro NGC Explorer up to 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4528 was published May 11, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21626 was published Oct 19, 2022
A vulnerability, which was classified as problematic, was found in Dígitro NGC Explorer 3.44.15.... Moderate Unreviewed
CVE-2025-4526 was published May 11, 2025
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive... Moderate Unreviewed
CVE-2026-23292 was published Mar 25, 2026
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21360 was published Feb 11, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21540 was published Jul 20, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21549 was published Jul 20, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21296 was published Feb 11, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21341 was published Feb 11, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21305 was published Feb 11, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Moderate Unreviewed
CVE-2022-21366 was published Jan 20, 2022
Missing Authorization vulnerability in Benbodhi SVG Support allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-48973 was published May 27, 2026
Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting... Moderate Unreviewed
CVE-2026-49053 was published May 27, 2026
Missing Authorization vulnerability in WP Media Adminimize allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-49045 was published May 27, 2026
Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2026-49047 was published May 27, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-49044 was published May 27, 2026
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Facebook Facebook for... Moderate Unreviewed
CVE-2026-49059 was published May 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database