GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,263
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,484
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
312,446 advisories
Filter by severity
Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated...
Critical
Unreviewed
CVE-2026-58473
was published
Jul 7, 2026
GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability...
Moderate
Unreviewed
CVE-2026-58471
was published
Jul 7, 2026
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability...
High
Unreviewed
CVE-2026-58469
was published
Jul 7, 2026
NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest...
Moderate
Unreviewed
CVE-2026-58468
was published
Jul 7, 2026
FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2...
High
Unreviewed
CVE-2026-58583
was published
Jul 7, 2026
LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models...
Critical
Unreviewed
CVE-2026-59707
was published
Jul 7, 2026
GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability...
Moderate
Unreviewed
CVE-2026-58472
was published
Jul 7, 2026
The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs...
High
Unreviewed
CVE-2026-59708
was published
Jul 7, 2026
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in...
Moderate
Unreviewed
CVE-2026-58470
was published
Jul 7, 2026
HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect...
High
Unreviewed
CVE-2026-7017
was published
Jul 7, 2026
An improper access check allows unauthorized users to access com_privacy datasets.
Moderate
Unreviewed
CVE-2026-48957
was published
Jul 7, 2026
An improper access check allows unauthorized users to access workflow stage and transition...
Moderate
Unreviewed
CVE-2026-48955
was published
Jul 7, 2026
An improper access check allows unauthorized users to create custom fields via webservices...
Moderate
Unreviewed
CVE-2026-48958
was published
Jul 7, 2026
An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant...
Moderate
Unreviewed
CVE-2026-44877
was published
Jul 7, 2026
An improper access check allows users to display a list of modules in the frontend.
Moderate
Unreviewed
CVE-2026-48956
was published
Jul 7, 2026
Lack of escaping leads to an XSS vulnerability in the generic image output layout.
Moderate
Unreviewed
CVE-2026-48953
was published
Jul 7, 2026
Improper validation leads to a generic XSS vector in the language override feature.
Moderate
Unreviewed
CVE-2026-48954
was published
Jul 7, 2026
Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components.
Moderate
Unreviewed
CVE-2026-48951
was published
Jul 7, 2026
Lack of escaping leads to an XSS vulnerability in the update list view of com_installer.
Moderate
Unreviewed
CVE-2026-48952
was published
Jul 7, 2026
An improper access check allows privileged users to overwrite media files without editing...
Moderate
Unreviewed
CVE-2026-48947
was published
Jul 7, 2026
Lack of escaping leads to an XSS vulnerability in the file management view of com_templates.
Moderate
Unreviewed
CVE-2026-48950
was published
Jul 7, 2026
Lack of validation leads to an XSS vulnerability in the MFA management views.
Moderate
Unreviewed
CVE-2026-48949
was published
Jul 7, 2026
An improper access check allows user to download vcard exports of com_contact contacts that are...
Moderate
Unreviewed
CVE-2026-48948
was published
Jul 7, 2026
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys...
High
Unreviewed
CVE-2026-57851
was published
Jul 7, 2026
Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the...
High
Unreviewed
CVE-2026-23698
was published
Jul 7, 2026
ProTip!
Advisories are also available from the
GraphQL API