GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,904
Maven: 5,000+
npm: 5,000+
NuGet: 967
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,374
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,316 advisories
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because...
Low | Unreviewed | CVE-2026-8139 was published May 22, 2026

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer...
Low | Unreviewed | CVE-2026-44071 was published May 21, 2026

Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in...
Low | Unreviewed | CVE-2026-44074 was published May 21, 2026

A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a...
Low | Unreviewed | CVE-2026-44075 was published May 21, 2026

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in...
Low | Unreviewed | CVE-2026-44057 was published May 21, 2026

A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through...
Low | Unreviewed | CVE-2026-7837 was published May 21, 2026

An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2...
Low | Unreviewed | CVE-2026-44070 was published May 21, 2026

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated...
Low | Unreviewed | CVE-2026-7835 was published May 21, 2026

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper...
Low | Unreviewed | CVE-2026-7836 was published May 21, 2026

Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the...
Low | Unreviewed | CVE-2026-44072 was published May 21, 2026

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local...
Low | Unreviewed | CVE-2026-44069 was published May 21, 2026

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or...
Low | Unreviewed | CVE-2025-31985 was published May 20, 2026

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View...
Low | Unreviewed | CVE-2026-8491 was published May 20, 2026

Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with...
Low | Unreviewed | CVE-2026-8492 was published May 20, 2026

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network ...
Low | Unreviewed | CVE-2025-14575 was published May 19, 2026

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin...
Low | Unreviewed | CVE-2026-7860 was published May 19, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
Low | Unreviewed | CVE-2026-28751 was published May 19, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
Low | Unreviewed | CVE-2026-27781 was published May 19, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
Low | Unreviewed | CVE-2026-25110 was published May 19, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
Low | Unreviewed | CVE-2026-33565 was published May 19, 2026

Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape...
Low | Unreviewed | CVE-2026-47090 was published May 18, 2026

Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to...
Low | Unreviewed | CVE-2026-45244 was published May 18, 2026

Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from...
Low | Unreviewed | CVE-2026-4643 was published May 18, 2026

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when...
Low | Unreviewed | CVE-2026-6333 was published May 18, 2026

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if {{team_id}} was being...
Low | Unreviewed | CVE-2026-4286 was published May 18, 2026
ProTip! Advisories are also available from the GraphQL API.