Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,606
Maven
5,000+
npm
5,000+
NuGet
924
pip
4,831
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

41,964 advisories

Loading
A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown... Moderate Unreviewed
CVE-2026-7026 was published Apr 26, 2026
A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of... Moderate Unreviewed
CVE-2026-7027 was published Apr 26, 2026
A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the... Moderate Unreviewed
CVE-2026-7016 was published Apr 26, 2026
A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the... Moderate Unreviewed
CVE-2026-7012 was published Apr 26, 2026
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an... Moderate Unreviewed
CVE-2026-7011 was published Apr 26, 2026
A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is... Moderate Unreviewed
CVE-2026-7013 was published Apr 26, 2026
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the... Moderate Unreviewed
CVE-2026-7014 was published Apr 26, 2026
A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown... Moderate Unreviewed
CVE-2026-7015 was published Apr 26, 2026
A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the... Moderate Unreviewed
CVE-2026-7001 was published Apr 26, 2026
A vulnerability has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some... Moderate Unreviewed
CVE-2026-7000 was published Apr 25, 2026
A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown... Moderate Unreviewed
CVE-2026-6996 was published Apr 25, 2026
A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This... Moderate Unreviewed
CVE-2026-6997 was published Apr 25, 2026
A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted... Moderate Unreviewed
CVE-2026-6995 was published Apr 25, 2026
A vulnerability was detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. Affected is an unknown... Moderate Unreviewed
CVE-2026-6998 was published Apr 25, 2026
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2026-6999 was published Apr 25, 2026
A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown... Moderate Unreviewed
CVE-2026-6990 was published Apr 25, 2026
CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI... Moderate Unreviewed
CVE-2026-41472 was published Apr 24, 2026
wlc: print_html outputs API data without HTML escaping Moderate
GHSA-gx2m-mcc2-r4p3 was published for wlc (pip) Apr 24, 2026
fg0x0 Credited to fg0x0 and nijel nijel nijel
Excalidraw vulnerable to XSS via Mermaid sequence diagram labels (KaTeX rendering) Moderate
GHSA-39h7-pwv7-rc3x was published for @excalidraw/excalidraw (npm) Apr 24, 2026
Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote... Moderate Unreviewed
CVE-2026-31050 was published Apr 24, 2026
Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via... Moderate Unreviewed
CVE-2025-61872 was published Apr 24, 2026
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output Moderate
CVE-2026-41305 was published for postcss (npm) Apr 24, 2026
TharVid Credited to TharVid
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2026-41043 was published Apr 24, 2026
AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. Authenticated... Low Unreviewed
CVE-2026-4313 was published Apr 24, 2026
The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple... Moderate Unreviewed
CVE-2026-4078 was published Apr 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database