GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,931
Maven: 5,000+
npm: 5,000+
NuGet: 969
pip: 5,000+
Pub: 13
RubyGems: 1,062
Rust: 1,382
Swift: 56

Unreviewed advisories
All unreviewed: 5,000+
14,580 advisories
StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows...
Low | Unreviewed | CVE-2026-4387 was published May 29, 2026

In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible
Low | Unreviewed | CVE-2026-49380 was published May 29, 2026

In JetBrains IntelliJ IDEA before 2026.1 XXE in the UI Designer form parser was possible
Low | Unreviewed | CVE-2026-49383 was published May 29, 2026

In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible
Low | Unreviewed | CVE-2026-49381 was published May 29, 2026

In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
Low | Unreviewed | CVE-2026-49370 was published May 29, 2026

Authelia Missing Username Canonicalization in Basic Auth (LDAP)
Low | CVE-2026-47203 was published for github.com/authelia/authelia/v4 (Go) May 29, 2026

QuickCMS is vulnerable to Cross-Site Scripting (XSS) through its insecure HTTP-based plugin...
Low | Unreviewed | CVE-2026-33386 was published May 29, 2026

OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that...
Low | Unreviewed | CVE-2026-34507 was published May 29, 2026

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function...
Low | Unreviewed | CVE-2026-10064 was published May 29, 2026

OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals...
Low | Unreviewed | CVE-2026-32906 was published May 29, 2026

vm2 setup-sandbox.js violates Defense Invariant #11 in stack-trace formatter
Low | GHSA-q3fm-4wcw-g57x was published for vm2 (npm) May 29, 2026

Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix
Low | CVE-2026-44489 was published for axios (npm) May 29, 2026

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle...
Low | Unreviewed | CVE-2026-49318 was published May 29, 2026

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle...
Low | Unreviewed | CVE-2026-49317 was published May 29, 2026

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the...
Low | Unreviewed | CVE-2026-10061 was published May 29, 2026

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function...
Low | Unreviewed | CVE-2026-10060 was published May 29, 2026

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun...
Low | Unreviewed | CVE-2026-40528 was published May 29, 2026

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability...
Low | Unreviewed | CVE-2026-40510 was published May 29, 2026

A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes...
Low | Unreviewed | CVE-2026-10078 was published May 29, 2026

Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed...
Low | Unreviewed | CVE-2026-9991 was published May 29, 2026

Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216...
Low | Unreviewed | CVE-2026-9950 was published May 29, 2026

Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who...
Low | Unreviewed | CVE-2026-9944 was published May 29, 2026

Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to...
Low | Unreviewed | CVE-2026-9959 was published May 29, 2026

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote...
Low | Unreviewed | CVE-2026-9920 was published May 29, 2026

Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote...
Low | Unreviewed | CVE-2026-10011 was published May 29, 2026
ProTip! Advisories are also available from the GraphQL API.