GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,003
Maven: 5,000+
npm: 4,732
NuGet: 788
pip: 4,341
Pub: 12
RubyGems: 987
Rust: 1,137
Swift: 50
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,512 advisories
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers...
Low
Unreviewed
CVE-2026-0403 was published Jan 13, 2026
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow...
Low
Unreviewed
CVE-2026-22885 was published Feb 20, 2026
HCL Connections is vulnerable to information disclosure. In a very specific user navigation...
Low
Unreviewed
CVE-2025-52603 was published Feb 20, 2026
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Low
Unreviewed
CVE-2025-65046 was published Dec 19, 2025
An integer underflow vulnerability in Silicon Labs Secure NCP host implementation allows a buffer...
Low
Unreviewed
CVE-2025-14055 was published Feb 20, 2026
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and...
Low
Unreviewed
CVE-2025-14547 was published Feb 20, 2026
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud...
Low
Unreviewed
CVE-2026-20137 was published Feb 18, 2026
Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook...
Low
Unreviewed
CVE-2026-25423 was published Feb 19, 2026
SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area for certain edge-case...
Low
Unreviewed
CVE-2026-26345 was published Feb 19, 2026
The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions...
Low
Unreviewed
CVE-2025-14270 was published Feb 19, 2026
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some...
Low
Unreviewed
CVE-2026-2702 was published Feb 19, 2026
A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function...
Low
Unreviewed
CVE-2026-2555 was published Feb 16, 2026
A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register...
Low
Unreviewed
CVE-2025-8860 was published Feb 18, 2026
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source...
Low
Unreviewed
CVE-2025-12343 was published Feb 18, 2026
A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and...
Low
Unreviewed
CVE-2026-20656 was published Feb 12, 2026
An Authentication Bypass vulnerability existed where the application bundled an interpreter ...
Low
Unreviewed
CVE-2025-14714 was published Dec 15, 2025
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info:...
Low
Unreviewed
CVE-2026-2656 was published Feb 18, 2026
A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function...
Low
Unreviewed
CVE-2026-2655 was published Feb 18, 2026
The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Low
Unreviewed
CVE-2026-1582 was published Feb 18, 2026
An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A...
Low
Unreviewed
CVE-2026-20642 was published Feb 12, 2026
The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized...
Low
Unreviewed
CVE-2026-1831 was published Feb 18, 2026
The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to...
Low
Unreviewed
CVE-2026-2419 was published Feb 18, 2026
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because...
Low
Unreviewed
CVE-2026-27171 was published Feb 18, 2026
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload...
Low
Unreviewed
CVE-2025-36183 was published Feb 18, 2026
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpgurukul Gym...
Low
Unreviewed
CVE-2024-55271 was published Feb 17, 2026
ProTip! Advisories are also available from the GraphQL API.