GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,049
Maven: 5,000+
npm: 4,787
NuGet: 825
pip: 4,384
Pub: 12
RubyGems: 988
Rust: 1,144
Swift: 50

Unreviewed advisories
All unreviewed: 5,000+
3,864 advisories
Keycloak Server Private SPI: Improper Access Control Allows Administrators to Bypass Attribute Visibility Restrictions and Modify Unmanaged User Profile Attributes
Moderate. CVE-2026-0871 was published for org.keycloak:keycloak-server-spi-private (Maven), Feb 27, 2026

pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability
High. CVE-2026-1707 was published for pgadmin4 (pip), Feb 5, 2026

Budibase Improper Control of Dynamically-Managed Code Resources vulnerability
Moderate. CVE-2022-3225 was published for @budibase/bbui (npm), Sep 17, 2022

Umbraco.Engage.Forms Allows Unauthorized Access to Multiple API Endpoints
High. CVE-2026-27449 was published for Umbraco.Engage.Forms (NuGet), Feb 27, 2026

A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function...
Moderate, Unreviewed. CVE-2026-1107 was published Jan 18, 2026

Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148 and...
Critical, Unreviewed. CVE-2026-2768 was published Feb 24, 2026

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations
Moderate. CVE-2026-22728 was published for github.com/bitnami-labs/sealed-secrets (Go), Feb 26, 2026

n8n has an SSO Enforcement Bypass in its Self-Service Settings API
Moderate. GHSA-vjf3-2gpj-233v was published for n8n (npm), Feb 26, 2026

A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this...
Moderate, Unreviewed. CVE-2026-3187 was published Feb 25, 2026

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile...
Moderate, Unreviewed. CVE-2026-2356 was published Feb 26, 2026

An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain...
High, Unreviewed. CVE-2025-29630 was published Jul 25, 2025

A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege...
High, Unreviewed. CVE-2024-7557 was published Aug 12, 2024

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote...
High, Unreviewed. CVE-2025-63409 was published Feb 24, 2026

ImageMagick's Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to stdin/stdout access
Moderate. CVE-2026-25966 was published for Magick.NET-Q16-AnyCPU (NuGet), Feb 24, 2026

A security vulnerability has been detected in Great Developers Certificate Generation System up...
Moderate, Unreviewed. CVE-2026-2183 was published Feb 8, 2026

A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261....
Moderate, Unreviewed. CVE-2025-15110 was published Dec 27, 2025

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts...
Moderate, Unreviewed. CVE-2025-15109 was published Dec 27, 2025

A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by...
Moderate, Unreviewed. CVE-2025-12862 was published Nov 7, 2025

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an...
Moderate, Unreviewed. CVE-2025-14582 was published Dec 13, 2025

A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by...
Moderate, Unreviewed. CVE-2026-3025 was published Feb 23, 2026

A security vulnerability has been detected in lwj flow up to...
Moderate, Unreviewed. CVE-2026-1126 was published Jan 18, 2026

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function...
Moderate, Unreviewed. CVE-2026-2979 was published Feb 23, 2026

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function...
Moderate, Unreviewed. CVE-2026-2977 was published Feb 23, 2026

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function...
Moderate, Unreviewed. CVE-2026-2978 was published Feb 23, 2026

Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.
High, Unreviewed. CVE-2023-2112 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.