GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
119,651 advisories
Filter by severity
A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead...
High
Unreviewed
CVE-2026-48618
was published
Jun 26, 2026
A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt(...
High
Unreviewed
CVE-2026-48933
was published
Jun 26, 2026
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop...
High
Unreviewed
CVE-2026-12505
was published
Jun 18, 2026
Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11,...
High
Unreviewed
CVE-2026-12328
was published
Jun 16, 2026
In the Linux kernel, the following vulnerability has been resolved:
xfrm: defensively unhash...
High
Unreviewed
CVE-2026-46116
was published
May 28, 2026
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File...
High
Unreviewed
CVE-2026-8920
was published
Jul 15, 2026
Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote...
High
Unreviewed
CVE-2026-8919
was published
Jul 15, 2026
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read...
High
Unreviewed
CVE-2026-9770
was published
Jul 15, 2026
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface,...
High
Unreviewed
CVE-2026-15029
was published
Jul 15, 2026
Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not...
High
Unreviewed
CVE-2026-13585
was published
Jul 15, 2026
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp - copy IV using...
High
Unreviewed
CVE-2026-53016
was published
Jun 24, 2026
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox...
High
Unreviewed
CVE-2026-12292
was published
Jun 16, 2026
Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152,...
High
Unreviewed
CVE-2026-12291
was published
Jun 16, 2026
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR...
High
Unreviewed
CVE-2026-12290
was published
Jun 16, 2026
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in...
High
Unreviewed
CVE-2026-12289
was published
Jun 16, 2026
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double...
High
Unreviewed
CVE-2026-33811
was published
May 7, 2026
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of...
High
Unreviewed
CVE-2026-48864
was published
May 26, 2026
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary...
High
Unreviewed
CVE-2026-48335
was published
Jul 15, 2026
Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary...
High
Unreviewed
CVE-2026-48275
was published
Jul 15, 2026
CAI Content Credentials is affected by a Server-Side Request Forgery (SSRF) vulnerability that...
High
Unreviewed
CVE-2026-48290
was published
Jul 15, 2026
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary...
High
Unreviewed
CVE-2026-48336
was published
Jul 15, 2026
CAI Content Credentials is affected by an Insufficiently Protected Credentials vulnerability that...
High
Unreviewed
CVE-2026-48295
was published
Jul 15, 2026
CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result...
High
Unreviewed
CVE-2026-48287
was published
Jul 15, 2026
CAI Content Credentials is affected by an Improper Input Validation vulnerability that could...
High
Unreviewed
CVE-2026-48351
was published
Jul 15, 2026
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary...
High
Unreviewed
CVE-2026-48337
was published
Jul 15, 2026
ProTip!
Advisories are also available from the
GraphQL API