GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,549
Maven: 5,000+
npm: 5,000+
NuGet: 917
pip: 4,798
Pub: 13
RubyGems: 1,038
Rust: 1,237
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
298,233 advisories
miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows...
High
Unreviewed
CVE-2026-5720
was published
Apr 18, 2026
The Easy Appointments plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
High
Unreviewed
CVE-2026-2262
was published
Apr 18, 2026
The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2026-2434
was published
Apr 18, 2026
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Unknown
Unreviewed
CVE-2026-5250
was published
Apr 18, 2026
libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling...
High
Unreviewed
CVE-2026-29013
was published
Apr 18, 2026
radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj...
High
Unreviewed
CVE-2026-40527
was published
Apr 17, 2026
Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo...
Moderate
Unreviewed
CVE-2026-33093
was published
Apr 17, 2026
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP ...
High
Unreviewed
CVE-2026-40434
was published
Apr 17, 2026
Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that...
High
Unreviewed
CVE-2026-35682
was published
Apr 17, 2026
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted ...
Critical
Unreviewed
CVE-2026-35546
was published
Apr 17, 2026
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on-path attackers to...
Moderate
Unreviewed
CVE-2026-33569
was published
Apr 17, 2026
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug ...
High
Unreviewed
CVE-2026-40461
was published
Apr 17, 2026
Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved...
Moderate
Unreviewed
CVE-2026-35061
was published
Apr 17, 2026
Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The ...
High
Unreviewed
CVE-2026-40066
was published
Apr 17, 2026
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug ...
Moderate
Unreviewed
CVE-2026-32648
was published
Apr 17, 2026
Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable ...
High
Unreviewed
CVE-2026-32650
was published
Apr 17, 2026
Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key ...
High
Unreviewed
CVE-2026-32324
was published
Apr 17, 2026
OpenViking prior to commit c7bb167 contains an authentication bypass vulnerability in the...
Critical
Unreviewed
CVE-2026-40525
was published
Apr 17, 2026
Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to...
Moderate
Unreviewed
CVE-2026-31927
was published
Apr 17, 2026
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2026-5718
was published
Apr 17, 2026
ByteDance DeerFlow before commit 2176b2b contains a path traversal and arbitrary file write...
High
Unreviewed
CVE-2026-40518
was published
Apr 17, 2026
OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the...
High
Unreviewed
CVE-2026-40516
was published
Apr 17, 2026
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2026-5710
was published
Apr 17, 2026
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain...
High
Unreviewed
CVE-2026-21733
was published
Apr 17, 2026
The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due...
High
Unreviewed
CVE-2026-3464
was published
Apr 17, 2026