GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
27,353 advisories
Filter by severity
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-50447
was published
Jul 14, 2026
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a...
Critical
Unreviewed
CVE-2026-50380
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-58644
was published
Jul 14, 2026
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft...
Critical
Unreviewed
CVE-2026-55008
was published
Jul 14, 2026
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-54990
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-50522
was published
Jul 14, 2026
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
Critical
Unreviewed
CVE-2026-49798
was published
Jul 14, 2026
Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-49172
was published
Jul 14, 2026
Improper neutralization of special elements used in a command ('command injection') in Microsoft...
Critical
Unreviewed
CVE-2026-48561
was published
Jul 14, 2026
Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-42990
was published
Jul 14, 2026
A denial-of-service issue exists in 5380/5480/5580 controllers boot firmware lower than version 1...
Critical
Unreviewed
CVE-2025-11698
was published
Jul 14, 2026
A path traversal vulnerability in Tenable Agent 11.2.0 and 11.1.3 and lower allows a privileged...
Critical
Unreviewed
CVE-2026-15265
was published
Jul 14, 2026
A denial-of-service issue exists in 5380/5480/5580 controllers. This vulnerability could...
Critical
Unreviewed
CVE-2025-12012
was published
Jul 14, 2026
A denial-of-service issue exists in 5370/5570 controllers. This vulnerability could potentially...
Critical
Unreviewed
CVE-2025-12011
was published
Jul 14, 2026
Sustainable Irrigation Platform (SIP) through version 5.2.16 contains a command injection...
Critical
Unreviewed
CVE-2026-58479
was published
Jul 14, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2026-62390
was published
Jul 14, 2026
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2026-62392
was published
Jul 14, 2026
A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a...
Critical
Unreviewed
CVE-2026-10577
was published
Jul 14, 2026
A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications...
Critical
Unreviewed
CVE-2026-56451
was published
Jul 14, 2026
In JetBrains YouTrack before 2026.1.13757,
2025.3.148033,
2025.2.148048,
2025.1.148120,
2024.3...
Critical
Unreviewed
CVE-2026-62422
was published
Jul 14, 2026
Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper...
Critical
Unreviewed
CVE-2026-58319
was published
Jul 14, 2026
In Eclipse BaSyx Java Server SDK versions 2.0.0-milestone-05 to 2.0.0-milestone-12, deployments...
Critical
Unreviewed
CVE-2026-57898
was published
Jul 14, 2026
Improper Handling of URL Encoding (Hex Encoding) vulnerability in Apache Tomcat's rewrite valve...
Critical
Unreviewed
CVE-2026-59083
was published
Jul 14, 2026
Insufficient Technical Documentation vulnerability in Apache Tomcat since the requirements to...
Critical
Unreviewed
CVE-2026-59084
was published
Jul 14, 2026
Multiple input validation vulnerabilities in the Snowflake Spark Connector (spark-snowflake)...
Critical
Unreviewed
CVE-2026-15183
was published
Jul 14, 2026
ProTip!
Advisories are also available from the
GraphQL API