GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,043
Composer 5,887
Erlang 70
GitHub Actions 52
Go 3,904
Maven 6,602
npm 6,308
NuGet 967
pip 5,167
Pub 13
RubyGems 1,062
Rust 1,374
Swift 54

Unreviewed advisories

All unreviewed 304,499

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

12,316 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated... Low Unreviewed

CVE-2026-9247 was published May 26, 2026

Authorization bypass in the entry duplication feature in Devolutions Server allows an... Low Unreviewed

CVE-2026-9248 was published May 26, 2026

Unverified password change in Devolutions Server allows an attacker to change a user's password... Low Unreviewed

CVE-2026-9249 was published May 26, 2026

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature... Low Unreviewed

CVE-2026-8477 was published May 26, 2026

Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion. Victim with... Low Unreviewed

CVE-2026-8340 was published May 26, 2026

Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express... Low Unreviewed

CVE-2026-8347 was published May 26, 2026

Concrete CMS version 9.0 to 9.5.0 is vulnerable to Stored XSS via page name in the Atomik theme.... Low Unreviewed

CVE-2026-8353 was published May 26, 2026

STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to... Low Unreviewed

CVE-2026-25608 was published May 26, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8432 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8435 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8434 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8409 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8410 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8411 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8415 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8412 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8413 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8416 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8414 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8427 was published May 22, 2026

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete... Low Unreviewed

CVE-2026-8433 was published May 22, 2026

Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because... Low Unreviewed

CVE-2026-8139 was published May 22, 2026

For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A... Low Unreviewed

CVE-2026-7887 was published May 22, 2026

Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF... Low Unreviewed

CVE-2026-7882 was published May 22, 2026

In Concrete CMS 9.5.0 and below, the RSS Displayer block accepts a feed URL from any page editor... Low Unreviewed

CVE-2026-7890 was published May 22, 2026

Previous 1…6…400 Next

Previous 1 2 3 4 5 6 7 8 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

12,316 advisories