GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,043
Composer 5,887
Erlang 70
GitHub Actions 52
Go 3,904
Maven 6,602
npm 6,308
NuGet 967
pip 5,167
Pub 13
RubyGems 1,062
Rust 1,374
Swift 54

Unreviewed advisories

All unreviewed 304,472

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

145,536 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection... Moderate Unreviewed

CVE-2026-9673 was published May 28, 2026

A flaw was found in Keycloak, an open-source identity and access management solution. When a user... Moderate Unreviewed

CVE-2026-9798 was published May 28, 2026

The Meta Field Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in... Moderate Unreviewed

CVE-2026-3173 was published May 28, 2026

The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2026-7533 was published May 28, 2026

The Independent Analytics plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed

CVE-2026-5737 was published May 28, 2026

A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol... Moderate Unreviewed

CVE-2026-9792 was published May 28, 2026

A flaw was found in Keycloak. An authenticated user with existing organization membership can... Moderate Unreviewed

CVE-2026-9791 was published May 28, 2026

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-9241 was published May 28, 2026

A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is... Moderate Unreviewed

CVE-2026-9793 was published May 28, 2026

The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2026-9228 was published May 28, 2026

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability... Moderate Unreviewed

CVE-2026-9794 was published May 28, 2026

A flaw was found in Keycloak. An authenticated administrator with the `manage-clients` role can... Moderate Unreviewed

CVE-2026-9796 was published May 28, 2026

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm... Moderate Unreviewed

CVE-2026-9801 was published May 28, 2026

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated... Moderate Unreviewed

CVE-2026-9803 was published May 28, 2026

The LiveSmart Video Chat Live Video Chat plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-9644 was published May 28, 2026

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session... Moderate Unreviewed

CVE-2026-9802 was published May 28, 2026

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization... Moderate Unreviewed

CVE-2026-32591 was published Apr 8, 2026

A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by... Moderate Unreviewed

CVE-2026-2377 was published Apr 8, 2026

The Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder plugin for... Moderate Unreviewed

CVE-2026-4888 was published May 28, 2026

A stored cross-site scripting (XSS) vulnerability in the /admin/config-module.php component of... Moderate Unreviewed

CVE-2026-38931 was published May 27, 2026

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the delete.php endpoint of... Moderate Unreviewed

CVE-2026-30498 was published May 27, 2026

ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of... Moderate Unreviewed

CVE-2026-9759 was published May 27, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 11.5 before 18.10.7, 18... Moderate Unreviewed

CVE-2026-2601 was published May 27, 2026

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7,... Moderate Unreviewed

CVE-2026-1402 was published May 27, 2026

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18... Moderate Unreviewed

CVE-2026-5296 was published May 27, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

145,536 advisories