GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 58
GitHub Actions: 50
Go: 3,799
Maven: 5,000+
npm: 5,000+
NuGet: 938
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,351
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
125,219 advisories
Improper authorization checks of team members privileges allow a team member to escalate...
High | Unreviewed | CVE-2026-32991 was published May 14, 2026
Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL...
High | Unreviewed | CVE-2026-29206 was published May 14, 2026
Incorrect privileges management and insufficient path filtering allow to read arbitrary file on...
High | Unreviewed | CVE-2026-29205 was published May 14, 2026
Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint...
High | Unreviewed | CVE-2026-32993 was published May 14, 2026
SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server...
High | Unreviewed | CVE-2026-32992 was published May 14, 2026
Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint...
High | Unreviewed | CVE-2026-45229 was published May 13, 2026
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines...
High | Unreviewed | CVE-2026-43970 was published May 13, 2026
When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses...
High | Unreviewed | CVE-2026-33376 was published May 13, 2026
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x...
High | Unreviewed | CVE-2026-21821 was published May 13, 2026
Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows...
High | Unreviewed | CVE-2026-8466 was published May 13, 2026
An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard...
High | Unreviewed | CVE-2026-33377 was published May 13, 2026
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal...
High | Unreviewed | CVE-2026-30905 was published May 13, 2026
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow...
High | Unreviewed | CVE-2026-30906 was published May 13, 2026
Exposure of the QKEY (used as input into the ‘OTA-Quantum’ device registration process) and...
High | Unreviewed | CVE-2026-33583 was published May 13, 2026
A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly...
High | Unreviewed | CVE-2026-0236 was published May 13, 2026
A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software...
High | Unreviewed | CVE-2026-0263 was published May 13, 2026
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an...
High | Unreviewed | CVE-2026-0265 was published May 13, 2026
A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks...
High | Unreviewed | CVE-2026-0264 was published May 13, 2026
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on...
High | Unreviewed | CVE-2026-0237 was published May 13, 2026
A potential improper file path validation vulnerability was reported in some Lenovo Personal...
High | Unreviewed | CVE-2026-6282 was published May 13, 2026
A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could...
High | Unreviewed | CVE-2026-6281 was published May 13, 2026
A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with...
High | Unreviewed | CVE-2026-42919 was published May 13, 2026
When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server,...
High | Unreviewed | CVE-2026-42920 was published May 13, 2026
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated...
High | Unreviewed | CVE-2026-42406 was published May 13, 2026
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may...
High | Unreviewed | CVE-2026-42946 was published May 13, 2026
ProTip! Advisories are also available from the GraphQL API