GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 58
GitHub Actions: 50
Go: 3,799
Maven: 5,000+
npm: 5,000+
NuGet: 938
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,351
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
157,950 advisories
Android App "あんしんフィルター for au" provided by KDDI CORPORATION contains Cleartext Transmission of...
Moderate | Unreviewed | CVE-2026-41281 was published May 14, 2026

The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While...
Moderate | Unreviewed | CVE-2026-8328 was published May 13, 2026

Quark Drive before 0.8.5 contains a stored cross-site scripting vulnerability in the System...
Moderate | Unreviewed | CVE-2026-45228 was published May 13, 2026

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a...
Moderate | Unreviewed | CVE-2026-28376 was published May 13, 2026

A request to the Grafana plugin resources endpoint can cause unbounded memory allocation by...
Moderate | Unreviewed | CVE-2026-28383 was published May 13, 2026

Editors could delete any annotation, even those they do not have read access to. The editor user...
Moderate | Unreviewed | CVE-2026-28374 was published May 13, 2026

A cross-site scripting (XSS) vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously...
Moderate | Unreviewed | CVE-2026-8496 was published May 13, 2026

Using the $__timeGroup macro, one can achieve an OOM by overloading the server. This requires a...
Moderate | Unreviewed | CVE-2026-33378 was published May 13, 2026

A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables...
Moderate | Unreviewed | CVE-2026-0243 was published May 13, 2026

Any Editor could delete any snapshot, even if they have no access to read or write them.
Moderate | Unreviewed | CVE-2026-28380 was published May 13, 2026

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server...
Moderate | Unreviewed | CVE-2026-28379 was published May 13, 2026

When a user's access to mint tokens for a service account is revoked, it is sometimes still...
Moderate | Unreviewed | CVE-2026-33381 was published May 13, 2026

A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from...
Moderate | Unreviewed | CVE-2026-33380 was published May 13, 2026

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables...
Moderate | Unreviewed | CVE-2026-33584 was published May 13, 2026

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an...
Moderate | Unreviewed | CVE-2026-0261 was published May 13, 2026

Hermes WebUI prior to 0.51.44 - Release T contains a path traversal vulnerability in the session...
Moderate | Unreviewed | CVE-2026-22677 was published May 13, 2026

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an...
Moderate | Unreviewed | CVE-2026-0262 was published May 13, 2026

An information disclosure vulnerability in the Chronosphere Chronocollector enables an...
Moderate | Unreviewed | CVE-2026-0239 was published May 13, 2026

A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables...
Moderate | Unreviewed | CVE-2026-0256 was published May 13, 2026

A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally...
Moderate | Unreviewed | CVE-2026-0235 was published May 13, 2026

A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables...
Moderate | Unreviewed | CVE-2026-0250 was published May 13, 2026

An information disclosure vulnerability in Trust Protection Foundation enables an authenticated...
Moderate | Unreviewed | CVE-2026-0240 was published May 13, 2026

Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access...
Moderate | Unreviewed | CVE-2026-0247 was published May 13, 2026

A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to...
Moderate | Unreviewed | CVE-2026-0242 was published May 13, 2026

Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™...
Moderate | Unreviewed | CVE-2026-0249 was published May 13, 2026

ProTip! Advisories are also available from the GraphQL API