GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
641 advisories
Filter by severity
Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that...
Critical
Unreviewed
CVE-2026-58123
was published
Jul 10, 2026
mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and...
Critical
Unreviewed
CVE-2026-59706
was published
Jul 8, 2026
mem0's openmemory/api component contains an unauthenticated access vulnerability that allows...
Critical
Unreviewed
CVE-2026-59705
was published
Jul 8, 2026
Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated...
Critical
Unreviewed
CVE-2026-58473
was published
Jul 7, 2026
In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to...
Critical
Unreviewed
CVE-2022-24562
was published
Jun 17, 2022
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP...
Critical
Unreviewed
CVE-2026-4767
was published
Jul 2, 2026
PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that...
Critical
Unreviewed
CVE-2026-58126
was published
Jul 1, 2026
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via...
Critical
Unreviewed
CVE-2026-58127
was published
Jul 1, 2026
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability,...
Critical
Unreviewed
CVE-2026-14162
was published
Jun 30, 2026
Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without...
Critical
Unreviewed
CVE-2026-12819
was published
Jun 30, 2026
Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api...
Critical
Unreviewed
CVE-2026-56782
was published
Jun 29, 2026
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate...
Critical
Unreviewed
CVE-2026-40702
was published
Jun 26, 2026
Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account...
Critical
Unreviewed
CVE-2025-71327
was published
Jun 26, 2026
In JetBrains Hub before 2026.1.13757,
2025.3.148033,
2025.2.148048,
2025.1.148120,
2024.3.148430,...
Critical
Unreviewed
CVE-2026-50242
was published
Jun 19, 2026
Two state-mutating endpoints in pgAdmin 4's SQL Editor blueprint -- DELETE /sqleditor/close/...
Critical
Unreviewed
CVE-2026-12046
was published
Jun 19, 2026
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to...
Critical
Unreviewed
CVE-2026-54130
was published
Jun 19, 2026
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and...
Critical
Unreviewed
CVE-2026-54103
was published
Jun 18, 2026
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below...
Critical
Unreviewed
CVE-2026-20253
was published
Jun 10, 2026
Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey...
Critical
Unreviewed
CVE-2026-55196
was published
Jun 17, 2026
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component:...
Critical
Unreviewed
CVE-2026-46789
was published
Jun 17, 2026
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:...
Critical
Unreviewed
CVE-2026-46879
was published
Jun 17, 2026
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM Legacy...
Critical
Unreviewed
CVE-2026-46807
was published
Jun 17, 2026
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component:...
Critical
Unreviewed
CVE-2026-46846
was published
Jun 17, 2026
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component:...
Critical
Unreviewed
CVE-2026-46803
was published
Jun 17, 2026
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Critical
Unreviewed
CVE-2026-46905
was published
Jun 17, 2026
ProTip!
Advisories are also available from the
GraphQL API