Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
48
GitHub Actions
48
Go
3,391
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,614
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

2,360 advisories

Loading
OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2 High
CVE-2026-29782 was published for devcode-it/openstamanager (Composer) Apr 1, 2026
ormzro Credited to ormzro
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted... High Unreviewed
CVE-2026-24165 was published Mar 31, 2026
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted... High Unreviewed
CVE-2026-24164 was published Mar 31, 2026
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has... High Unreviewed
CVE-2026-4266 was published Mar 30, 2026
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization... High Unreviewed
CVE-2026-4416 was published Mar 30, 2026
Saloon has insecure deserialization in AccessTokenAuthenticator High
CVE-2026-33942 was published for saloonphp/saloon (Composer) Mar 27, 2026
JonPurvis Credited to JonPurvis, Sammyjo20, and HuajiHD Sammyjo20 Sammyjo20
HuajiHD HuajiHD
splunk-otel-javaagent: Unsafe deserialization in RMI instrumentation may lead to Remote Code Execution Critical
GHSA-h8w2-rv57-vc6f was published for com.splunk:splunk-otel-javaagent (Maven) Mar 26, 2026
dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution Critical
CVE-2026-33728 was published for com.datadoghq:dd-java-agent (Maven) Mar 26, 2026
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via... High Unreviewed
CVE-2026-3328 was published Mar 26, 2026
OpenTelemetry: Unsafe Deserialization in RMI Instrumentation may Lead to Remote Code Execution Critical
CVE-2026-33701 was published for io.opentelemetry.javaagent:opentelemetry-javaagent (Maven) Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object... Moderate Unreviewed
CVE-2026-32511 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object... Moderate Unreviewed
CVE-2026-32510 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object... Moderate Unreviewed
CVE-2026-32507 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production... Critical Unreviewed
CVE-2026-32512 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object... Moderate Unreviewed
CVE-2026-32506 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object... Moderate Unreviewed
CVE-2026-32509 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object... Moderate Unreviewed
CVE-2026-32508 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive... High Unreviewed
CVE-2026-32513 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object... Critical Unreviewed
CVE-2026-27084 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object... Critical Unreviewed
CVE-2026-27082 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel... Critical Unreviewed
CVE-2026-27083 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat... Critical Unreviewed
CVE-2026-27095 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object... High Unreviewed
CVE-2026-32484 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing... Critical Unreviewed
CVE-2026-32502 was published Mar 25, 2026
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object... High Unreviewed
CVE-2026-25400 was published Mar 25, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database