GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,051 advisories
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel...
High
Unreviewed
CVE-2026-32976
was published
Mar 31, 2026
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor...
Moderate
Unreviewed
CVE-2026-3139
was published
Mar 31, 2026
Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot Millie chat that allows...
High
Unreviewed
CVE-2026-4400
was published
Mar 31, 2026
A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1...
High
Unreviewed
CVE-2026-3321
was published
Mar 30, 2026
The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
High
Unreviewed
CVE-2026-3124
was published
Mar 30, 2026
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for...
Critical
Unreviewed
CVE-2026-1496
was published
Mar 27, 2026
The Elementor Website Builder plugin for WordPress is vulnerable to Incorrect Authorization to...
Moderate
Unreviewed
CVE-2026-1206
was published
Mar 26, 2026
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct...
Moderate
Unreviewed
CVE-2025-14974
was published
Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint...
Moderate
Unreviewed
CVE-2026-32533
was published
Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support...
Moderate
Unreviewed
CVE-2026-32535
was published
Mar 25, 2026
Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege...
Moderate
Unreviewed
CVE-2026-2414
was published
Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription...
High
Unreviewed
CVE-2025-69347
was published
Mar 25, 2026
Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS allows...
Moderate
Unreviewed
CVE-2025-32223
was published
Mar 19, 2026
Authorization Bypass Through User-Controlled Key vulnerability in Really Simple Plugins B.V....
Moderate
Unreviewed
CVE-2026-27397
was published
Mar 19, 2026
Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the...
High
Unreviewed
CVE-2026-3020
was published
Mar 16, 2026
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for...
Moderate
Unreviewed
CVE-2026-1883
was published
Mar 16, 2026
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2026-1947
was published
Mar 16, 2026
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object...
Critical
Unreviewed
CVE-2017-20223
was published
Mar 16, 2026
Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability that allows...
High
Unreviewed
CVE-2016-20033
was published
Mar 16, 2026
A broken access control may allow an authenticated user to perform a horizontal privilege...
High
Unreviewed
CVE-2026-3999
was published
Mar 13, 2026
The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate
Unreviewed
CVE-2026-2879
was published
Mar 13, 2026
The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate
Unreviewed
CVE-2026-2257
was published
Mar 13, 2026
The Formidable Forms plugin for WordPress is vulnerable to an authorization bypass through user...
Moderate
Unreviewed
CVE-2026-2888
was published
Mar 13, 2026
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for...
Moderate
Unreviewed
CVE-2026-1704
was published
Mar 13, 2026
SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows...
Critical
Unreviewed
CVE-2019-25487
was published
Mar 11, 2026
ProTip! Advisories are also available from the GraphQL API.