GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231 advisories
Filter by severity
Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (TDDP module) allows...
Moderate
Unreviewed
CVE-2026-0834
was published
Jan 21, 2026
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects...
Moderate
Unreviewed
CVE-2026-0890
was published
Jan 13, 2026
The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets....
Moderate
Unreviewed
CVE-2025-66270
was published
Dec 5, 2025
A flaw exists in the verification of application installation sources within ColorOS. Under...
Moderate
Unreviewed
CVE-2025-27389
was published
Dec 5, 2025
Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a...
Moderate
Unreviewed
CVE-2025-13636
was published
Dec 2, 2025
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local...
Moderate
Unreviewed
CVE-2025-13635
was published
Dec 2, 2025
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41...
Moderate
Unreviewed
CVE-2025-13634
was published
Dec 2, 2025
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a...
Moderate
Unreviewed
CVE-2025-59699
was published
Dec 2, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18...
Moderate
Unreviewed
CVE-2025-12653
was published
Nov 26, 2025
An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate
Unreviewed
CVE-2025-43503
was published
Nov 4, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1,...
Moderate
Unreviewed
CVE-2025-43493
was published
Nov 4, 2025
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized...
Moderate
Unreviewed
CVE-2025-59501
was published
Oct 31, 2025
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products...
Moderate
Unreviewed
CVE-2025-5605
was published
Oct 24, 2025
Reolink desktop application 8.18.12 contains a vulnerability in its local authentication...
Moderate
Unreviewed
CVE-2025-56800
was published
Oct 21, 2025
This vulnerability affects Firefox < 143 and Thunderbird < 143.
Moderate
Unreviewed
CVE-2025-10530
was published
Sep 16, 2025
One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to...
Moderate
Unreviewed
CVE-2025-56689
was published
Sep 8, 2025
In multiple locations, there is a possible lock screen bypass due to a logic error in the code....
Moderate
Unreviewed
CVE-2025-26421
was published
Sep 4, 2025
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest...
Moderate
Unreviewed
CVE-2025-56608
was published
Sep 3, 2025
An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an...
Moderate
Unreviewed
CVE-2025-50454
was published
Aug 5, 2025
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to...
Moderate
Unreviewed
CVE-2025-46018
was published
Aug 1, 2025
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd...
Moderate
Unreviewed
CVE-2025-34065
was published
Jul 1, 2025
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd...
Moderate
Unreviewed
CVE-2025-34053
was published
Jul 1, 2025
The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using...
Moderate
Unreviewed
CVE-2025-23168
was published
Jun 19, 2025
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a...
Moderate
Unreviewed
CVE-2025-5067
was published
May 27, 2025
The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary...
Moderate
Unreviewed
CVE-2025-48027
was published
May 15, 2025
ProTip!
Advisories are also available from the
GraphQL API