GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,236
Composer 6,035
Erlang 74
GitHub Actions 54
Go 4,092
Maven 6,688
npm 6,653
NuGet 994
pip 5,497
Pub 13
RubyGems 1,095
Rust 1,414
Swift 61

Unreviewed advisories

All unreviewed 309,501

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

309,501 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as /... Moderate Unreviewed

CVE-2026-56697 was published Jun 23, 2026

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in... Moderate Unreviewed

CVE-2026-56698 was published Jun 23, 2026

A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before... Low Unreviewed

CVE-2026-48931 was published Jun 22, 2026

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization... High Unreviewed

CVE-2026-44271 was published Jun 22, 2026

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Unknown Unreviewed

CVE-2026-53778 was published Jun 22, 2026

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization... High Unreviewed

CVE-2026-44272 was published Jun 22, 2026

WebP Server Go through 0.14.4 contains a path traversal vulnerability on Windows that allows... High Unreviewed

CVE-2026-53779 was published Jun 22, 2026

Gophish through 0.12.1 contains a denial of service vulnerability that allows authenticated users... High Unreviewed

CVE-2026-39904 was published Jun 22, 2026

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution... High Unreviewed

CVE-2026-44274 was published Jun 22, 2026

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application... Moderate Unreviewed

CVE-2026-10852 was published Jun 22, 2026

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default... Moderate Unreviewed

CVE-2026-44273 was published Jun 22, 2026

A command injection vulnerability has been identified in the DHCP option processing logic in... High Unreviewed

CVE-2026-11834 was published Jun 22, 2026

The Advanced Linux Sound Architecture (ALSA) library before 1.2.16.1 contains a double-free... High Unreviewed

CVE-2026-56109 was published Jun 22, 2026

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the... Moderate Unreviewed

CVE-2026-11994 was published Jun 22, 2026

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active... Critical Unreviewed

CVE-2026-12249 was published Jun 22, 2026

The public dashboard query endpoint does not limit request body size before processing, allowing... High Unreviewed

CVE-2026-42127 was published Jun 22, 2026

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0... Moderate Unreviewed

CVE-2026-9320 was published Jun 22, 2026

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in... Moderate Unreviewed

CVE-2026-7253 was published Jun 22, 2026

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server and IBM WebSphere Application... High Unreviewed

CVE-2026-8858 was published Jun 22, 2026

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is... Moderate Unreviewed

CVE-2026-8059 was published Jun 22, 2026

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0... High Unreviewed

CVE-2026-9071 was published Jun 22, 2026

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated... Critical Unreviewed

CVE-2026-56104 was published Jun 22, 2026

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an... Moderate Unreviewed

CVE-2026-8636 was published Jun 22, 2026

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application... High Unreviewed

CVE-2026-9072 was published Jun 22, 2026

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes... Low Unreviewed

CVE-2026-9610 was published Jun 22, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

309,501 advisories