GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,043
Composer 5,887
Erlang 70
GitHub Actions 52
Go 3,904
Maven 6,602
npm 6,308
NuGet 967
pip 5,167
Pub 13
RubyGems 1,062
Rust 1,374
Swift 54

Unreviewed advisories

All unreviewed 304,499

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26,186 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers... Critical Unreviewed

CVE-2026-4408 was published May 28, 2026

This vulnerability in Veeam Service Provider Console allows for remote code execution. Critical Unreviewed

CVE-2026-32998 was published May 28, 2026

Insufficient character filtering in backup agent signing module on Comet Backup server allows... Critical Unreviewed

CVE-2026-32999 was published May 28, 2026

Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase,... Critical Unreviewed

CVE-2026-9739 was published May 28, 2026

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long... Critical Unreviewed

CVE-2026-8363 was published May 27, 2026

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long... Critical Unreviewed

CVE-2026-8362 was published May 27, 2026

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP... Critical Unreviewed

CVE-2026-8364 was published May 27, 2026

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the... Critical Unreviewed

CVE-2026-49103 was published May 27, 2026

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation... Critical Unreviewed

CVE-2026-7524 was published May 27, 2026

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed... Critical Unreviewed

CVE-2026-8175 was published May 27, 2026

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can... Critical Unreviewed

CVE-2026-35087 was published May 27, 2026

In Slican telephone exchanges it is possible to manage the control panel remotely. An... Critical Unreviewed

CVE-2026-35090 was published May 27, 2026

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the... Critical Unreviewed

CVE-2026-48906 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-42740 was published May 27, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo... Critical Unreviewed

CVE-2026-42748 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-42761 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-42747 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-42755 was published May 27, 2026

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar... Critical Unreviewed

CVE-2026-42758 was published May 27, 2026

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2026-42757 was published May 27, 2026

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2026-42756 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2026-42727 was published May 27, 2026

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange... Critical Unreviewed

CVE-2026-42731 was published May 27, 2026

Access control failure means that an application does not effectively check user access... Critical Unreviewed

CVE-2026-49002 was published May 27, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in the... Critical Unreviewed

CVE-2026-8054 was published May 27, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,186 advisories