GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118,988 advisories
Filter by severity
A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs...
High
Unreviewed
CVE-2026-15574
was published
Jul 13, 2026
A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function...
High
Unreviewed
CVE-2026-15544
was published
Jul 13, 2026
A vulnerability was identified in Shibby Tomato up to 1.28.0000. Affected by this vulnerability...
High
Unreviewed
CVE-2026-15545
was published
Jul 13, 2026
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of...
High
Unreviewed
CVE-2026-15543
was published
Jul 13, 2026
A Server-Side Request Forgery (SSRF) protection bypass existed in the html_to_markdown expansion...
High
Unreviewed
CVE-2026-62143
was published
Jul 13, 2026
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated arbitrary file deletion.
High
Unreviewed
CVE-2026-57830
was published
Jul 13, 2026
An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise...
High
Unreviewed
CVE-2026-14165
was published
Jul 13, 2026
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated stored XSS.
High
Unreviewed
CVE-2026-57829
was published
Jul 13, 2026
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch...
High
Unreviewed
CVE-2026-50256
was published
Jun 5, 2026
Successful
exploitation of the integer overflow vulnerability could allow an attacker to
achieve...
High
Unreviewed
CVE-2026-7162
was published
Jul 13, 2026
The MBStorage DRAM lighting control module within Gigabyte Control Center (GCC) developed by...
High
Unreviewed
CVE-2026-9492
was published
Jul 13, 2026
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers...
High
Unreviewed
CVE-2026-50264
was published
Jun 5, 2026
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks...
High
Unreviewed
CVE-2026-50259
was published
Jun 5, 2026
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A...
High
Unreviewed
CVE-2026-50261
was published
Jun 5, 2026
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client...
High
Unreviewed
CVE-2026-50260
was published
Jun 5, 2026
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A...
High
Unreviewed
CVE-2026-50257
was published
Jun 5, 2026
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has...
High
Unreviewed
CVE-2026-50258
was published
Jun 5, 2026
A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this...
High
Unreviewed
CVE-2026-15511
was published
Jul 13, 2026
A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. The affected...
High
Unreviewed
CVE-2026-15506
was published
Jul 13, 2026
Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker...
High
Unreviewed
CVE-2026-58596
was published
Jul 12, 2026
luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated...
High
Unreviewed
CVE-2026-61875
was published
Jul 12, 2026
Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's ...
High
Unreviewed
CVE-2026-56260
was published
Jul 12, 2026
Capgo before 12.128.2 contains a cross-organization account disruption vulnerability in the SSO...
High
Unreviewed
CVE-2026-56313
was published
Jul 12, 2026
OpenWrt luci-app-samba4 read ACL grants file.exec permission on /usr/sbin/smbd, allowing...
High
Unreviewed
CVE-2026-59260
was published
Jul 12, 2026
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server...
High
Unreviewed
CVE-2026-56259
was published
Jul 12, 2026
ProTip!
Advisories are also available from the
GraphQL API