GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,904
Maven: 5,000+
npm: 5,000+
NuGet: 967
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,374
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
14,542 advisories
Symfony's YAML Parser has a ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex
Low | CVE-2026-45305 was published for symfony/symfony (Composer) | May 27, 2026
Symfony's YAML Parser Vulnerable to Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")
Low | CVE-2026-45304 was published for symfony/symfony (Composer) | May 27, 2026
Symfony hardened the parser when handling untrusted input
Low | CVE-2026-45133 was published for symfony/symfony (Composer) | May 27, 2026
Symfony Vulnerable to stored XSS in WebProfiler CodeExtension::fileExcerpt() — Unescaped Non-PHP File Rendering
Low | CVE-2026-45072 was published for symfony/symfony (Composer) | May 27, 2026
Symfony has XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = true
Low | CVE-2026-45071 was published for symfony/dom-crawler (Composer) | May 27, 2026
When creating an export through the pretix API, API clients are returned a UUID value for their...
Low | Unreviewed | CVE-2026-9712 was published | May 27, 2026
Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station...
Low | Unreviewed | CVE-2024-47272 was published | May 27, 2026
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in...
Low | Unreviewed | CVE-2024-47267 was published | May 27, 2026
Improper preservation of permissions vulnerability in Archiving Push functionality in Synology...
Low | Unreviewed | CVE-2024-47270 was published | May 27, 2026
A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown...
Low | Unreviewed | CVE-2026-9608 was published | May 27, 2026
A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of...
Low | Unreviewed | CVE-2026-9609 was published | May 27, 2026
A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is...
Low | Unreviewed | CVE-2026-9607 was published | May 27, 2026
A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of...
Low | Unreviewed | CVE-2026-9604 was published | May 27, 2026
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of...
Low | Unreviewed | CVE-2026-9579 was published | May 26, 2026
A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive...
Low | Unreviewed | CVE-2026-9583 was published | May 26, 2026
A security flaw has been discovered in SourceCodester CET Automated Grading System with AI...
Low | Unreviewed | CVE-2026-9582 was published | May 26, 2026
A vulnerability was identified in JeecgBoot up to 3.9.1. The impacted element is an unknown...
Low | Unreviewed | CVE-2026-9581 was published | May 26, 2026
SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with...
Low | Unreviewed | CVE-2025-68708 was published | May 26, 2026
AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android...
Low | Unreviewed | CVE-2025-68711 was published | May 26, 2026
Easyelife App lock (aka Fingerprint,Applock or locker.app.safe.applocker) 1.9.2 for Android...
Low | Unreviewed | CVE-2025-68710 was published | May 26, 2026
A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the...
Low | Unreviewed | CVE-2026-9572 was published | May 26, 2026
A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is...
Low | Unreviewed | CVE-2026-9568 was published | May 26, 2026
Pterodactyl has a database resource limit bypass via race condition in Client API
Low | CVE-2026-35202 was published for pterodactyl/panel (Composer) | May 26, 2026
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment...
Low | Unreviewed | CVE-2026-9567 was published | May 26, 2026
A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function...
Low | Unreviewed | CVE-2026-9566 was published | May 26, 2026
ProTip! Advisories are also available from the GraphQL API.