Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,080
Maven
5,000+
npm
5,000+
NuGet
994
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,412
Swift
61
Unreviewed advisories
All unreviewed
5,000+

213 advisories

Loading
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a... Low Unreviewed
CVE-2026-12458 was published Jun 17, 2026
Symfony: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense Moderate
CVE-2026-48760 was published for symfony/html-sanitizer (Composer) Jun 15, 2026
tob-scott-a Credited to tob-scott-a and nicolas-grekas nicolas-grekas nicolas-grekas
OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing... High Unreviewed
CVE-2026-53829 was published Jun 13, 2026
User interface (ui) misrepresentation of critical information in Microsoft Bing allows an... Moderate Unreviewed
CVE-2026-45650 was published Jun 9, 2026
Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53... Moderate Unreviewed
CVE-2026-11286 was published Jun 5, 2026
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11300 was published Jun 5, 2026
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53... Moderate Unreviewed
CVE-2026-11285 was published Jun 5, 2026
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11294 was published Jun 5, 2026
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11254 was published Jun 5, 2026
Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11227 was published Jun 5, 2026
Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11225 was published Jun 5, 2026
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11245 was published Jun 5, 2026
Inappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11228 was published Jun 5, 2026
Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11232 was published Jun 5, 2026
Inappropriate implementation in Cronet in Google Chrome on Android prior to 149.0.7827.53 allowed... Moderate Unreviewed
CVE-2026-11215 was published Jun 5, 2026
Incorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11216 was published Jun 5, 2026
Incorrect security UI in Tab Strip in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11222 was published Jun 5, 2026
Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a... High Unreviewed
CVE-2026-11175 was published Jun 5, 2026
Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53... High Unreviewed
CVE-2026-11172 was published Jun 5, 2026
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11107 was published Jun 5, 2026
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11001 was published Jun 5, 2026
Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53... Moderate Unreviewed
CVE-2026-10984 was published Jun 5, 2026
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into... High Unreviewed
CVE-2026-0094 was published Jun 2, 2026
In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into... High Unreviewed
CVE-2026-0096 was published Jun 2, 2026
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to... High Unreviewed
CVE-2026-0093 was published Jun 2, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database