GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
1,246 advisories
Filter by severity
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57791
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57795
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57789
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57804
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57801
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57803
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57802
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57805
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57788
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57790
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57800
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57743
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57792
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57794
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57799
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57796
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57793
was published
Jul 13, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2026-57798
was published
Jul 13, 2026
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File...
High
Unreviewed
CVE-2026-15338
was published
Jul 11, 2026
The Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments &...
Moderate
Unreviewed
CVE-2025-11977
was published
Jul 10, 2026
The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for...
Moderate
Unreviewed
CVE-2026-13080
was published
Jul 9, 2026
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with...
Low
Unreviewed
CVE-2026-12194
was published
Jul 4, 2026
The RTMKit (rometheme-for-elementor) plugin for WordPress is vulnerable to Local File Inclusion...
Moderate
Unreviewed
CVE-2026-5137
was published
Jul 3, 2026
Mautic vulnerable to Path Traversal via Campaign Import
Critical
CVE-2026-9559
was published
for
mautic/core
(Composer)
Jul 2, 2026
Contributor Local File Inclusion in SportsPress Pro <= 2.7.29 versions.
High
Unreviewed
CVE-2026-57749
was published
Jul 2, 2026
ProTip!
Advisories are also available from the
GraphQL API