GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 14,682
Composer 2,818
Erlang 23
GitHub Actions 38
Go 2,203
Maven 2,576
npm 2,819
NuGet 487
pip 2,656
Pub 5
RubyGems 328
Rust 877
Swift 19

Unreviewed advisories

All unreviewed 135,048

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

135,048 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An authenticated attacker can persist crafted values in multiple field types and trigger client... Moderate Unreviewed

CVE-2026-3837 was published Apr 22, 2026

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability... Moderate Unreviewed

CVE-2026-41459 was published Apr 22, 2026

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability... High Unreviewed

CVE-2026-34414 was published Apr 22, 2026

Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted... Moderate Unreviewed

CVE-2026-41469 was published Apr 22, 2026

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation... Critical Unreviewed

CVE-2026-34415 was published Apr 22, 2026

Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known... Critical Unreviewed

CVE-2026-41468 was published Apr 22, 2026

http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for... Low Unreviewed

CVE-2026-6019 was published Apr 22, 2026

An authenticated attacker can store a crafted tag value in _user_tags and trigger JavaScript... Moderate Unreviewed

CVE-2026-3673 was published Apr 22, 2026

Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7... High Unreviewed

CVE-2026-26354 was published Apr 22, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and... Unknown Unreviewed

CVE-2026-28950 was published Apr 22, 2026

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in... High Unreviewed

CVE-2026-34413 was published Apr 22, 2026

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2026-1852 was published Apr 22, 2026

The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2026-6293 was published Apr 22, 2026

The WM JqMath plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style'... Moderate Unreviewed

CVE-2026-3998 was published Apr 22, 2026

The Coachific Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-4005 was published Apr 22, 2026

The Petje.af plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2026-4002 was published Apr 22, 2026

The Power Charts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-4011 was published Apr 22, 2026

The Quick Interest Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed

CVE-2026-5694 was published Apr 22, 2026

The WP Circliful plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id'... Moderate Unreviewed

CVE-2026-3659 was published Apr 22, 2026

The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all... Moderate Unreviewed

CVE-2026-3649 was published Apr 22, 2026

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2026-3461 was published Apr 22, 2026

The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API... High Unreviewed

CVE-2026-3643 was published Apr 22, 2026

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up... High Unreviewed

CVE-2026-5617 was published Apr 22, 2026

The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-5717 was published Apr 22, 2026

The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2026-4091 was published Apr 22, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

135,048 advisories