Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,722
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,943
Pub
13
RubyGems
1,055
Rust
1,338
Swift
54
Unreviewed advisories
All unreviewed
5,000+

4,062 advisories

Loading
Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96... High Unreviewed
CVE-2026-7994 was published May 6, 2026
Inappropriate implementation in ORB in Google Chrome prior to 148.0.7778.96 allowed a remote... Moderate Unreviewed
CVE-2026-7971 was published May 6, 2026
Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote... Moderate Unreviewed
CVE-2026-7977 was published May 6, 2026
Low-privileged Grav API users can create super-admin accounts via blueprint-upload High
CVE-2026-42844 was published for getgrav/grav (Composer) May 6, 2026
0d000721999 Credited to 0d000721999
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud... Moderate Unreviewed
CVE-2026-40001 was published May 6, 2026
ciguard: Container image runs as root (no USER directive) Low
CVE-2026-44218 was published for ciguard (pip) May 5, 2026
Grav Vulnerable to Administrative Account Disruption and Privilege De-escalation via User Overwrite Logic High
CVE-2026-42609 was published for getgrav/grav (Composer) May 5, 2026
AnhNg1410 Credited to AnhNg1410
An issue that could allow a dashboard configuration to be viewed from outside of the authorized... Moderate Unreviewed
CVE-2026-7778 was published May 5, 2026
The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to,... Critical Unreviewed
CVE-2025-13618 was published May 5, 2026
An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local ... High Unreviewed
CVE-2026-24072 was published May 4, 2026
The Import and export users and customers plugin for WordPress is vulnerable to Privilege... High Unreviewed
CVE-2026-7641 was published May 2, 2026
AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation... High Unreviewed
CVE-2026-37525 was published May 1, 2026
IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource... High Unreviewed
CVE-2026-6389 was published May 1, 2026
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is... High Unreviewed
CVE-2026-6741 was published Apr 27, 2026
The Fan Control application V251 contains an improper privilege handling vulnerability in its... High Unreviewed
CVE-2025-69689 was published Apr 27, 2026
The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege... High Unreviewed
CVE-2026-7106 was published Apr 27, 2026
Duplicate Advisory: OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send High
GHSA-394x-274p-mqc6 was published for openclaw (npm) Apr 24, 2026 withdrawn
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application... High Unreviewed
CVE-2026-3621 was published Apr 23, 2026
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 Moderate Unreviewed
CVE-2026-1726 was published Apr 23, 2026
In order to apply a particular protection key to an address range, the kernel must update the... Moderate Unreviewed
CVE-2026-6386 was published Apr 22, 2026
Neko has a Self-service Privilege Escalation for Authenticated Users High
CVE-2026-39386 was published for github.com/m1k1o/neko/server (Go) Apr 21, 2026
blitzkrieg-patch Credited to blitzkrieg-patch
Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150 and... Moderate Unreviewed
CVE-2026-6769 was published Apr 21, 2026
Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150 and... Moderate Unreviewed
CVE-2026-6761 was published Apr 21, 2026
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in... Moderate Unreviewed
CVE-2026-6750 was published Apr 21, 2026
PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may... Low Unreviewed
CVE-2026-31369 was published Apr 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database