GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
13,022 advisories
Filter by severity
A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this...
Low
Unreviewed
CVE-2026-15753
was published
Jul 15, 2026
A security vulnerability has been detected in mastergo-design mastergo-magic-mcp up to 0.2.0. The...
Low
Unreviewed
CVE-2026-15751
was published
Jul 15, 2026
HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker...
Low
Unreviewed
CVE-2026-21840
was published
Jul 15, 2026
A weakness has been identified in mastergo-design mastergo-magic-mcp up to 0.2.0. Impacted is the...
Low
Unreviewed
CVE-2026-15750
was published
Jul 15, 2026
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML...
Low
Unreviewed
CVE-2025-6170
was published
Jun 16, 2025
A security flaw has been discovered in mastergo-design mastergo-magic-mcp up to 0.2.0. This issue...
Low
Unreviewed
CVE-2026-15749
was published
Jul 14, 2026
Adobe Commerce is affected by an Information Exposure vulnerability that could lead to a limited...
Low
Unreviewed
CVE-2026-48001
was published
Jul 14, 2026
ColdFusion is affected by an Insufficient Session Expiration vulnerability that could result in a...
Low
Unreviewed
CVE-2026-48329
was published
Jul 14, 2026
Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an authorized...
Low
Unreviewed
CVE-2026-50416
was published
Jul 14, 2026
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized...
Low
Unreviewed
CVE-2026-50419
was published
Jul 14, 2026
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected...
Low
Unreviewed
CVE-2026-15715
was published
Jul 14, 2026
A vulnerability was identified in spencermountain compromise up to 14.15.1. Affected is the...
Low
Unreviewed
CVE-2026-15699
was published
Jul 14, 2026
A vulnerability was determined in kofrasa mingo up to 7.2.1. This impacts the function update...
Low
Unreviewed
CVE-2026-15698
was published
Jul 14, 2026
A vulnerability was found in svgdotjs svg.js up to 3.2.5. This affects the function EventTarget...
Low
Unreviewed
CVE-2026-15697
was published
Jul 14, 2026
An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')...
Low
Unreviewed
CVE-2025-62675
was published
Jul 14, 2026
An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')...
Low
Unreviewed
CVE-2025-62826
was published
Jul 14, 2026
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function...
Low
Unreviewed
CVE-2026-15702
was published
Jul 14, 2026
A security flaw has been discovered in DedeCMS 5.7.118. Affected by this vulnerability is the...
Low
Unreviewed
CVE-2026-15700
was published
Jul 14, 2026
A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally...
Low
Unreviewed
CVE-2026-0275
was published
Jul 9, 2026
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted...
Low
Unreviewed
CVE-2026-41080
was published
Apr 16, 2026
In the Linux kernel, the following vulnerability has been resolved:
crypto: af_alg - Disallow...
Low
Unreviewed
CVE-2025-39964
was published
Oct 13, 2025
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a...
Low
Unreviewed
CVE-2026-0266
was published
Jun 11, 2026
In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows...
Low
Unreviewed
CVE-2026-45186
was published
May 10, 2026
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after...
Low
Unreviewed
CVE-2026-32778
was published
Mar 16, 2026
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to...
Low
Unreviewed
CVE-2025-61985
was published
Oct 6, 2025
ProTip!
Advisories are also available from the
GraphQL API