GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
27,352 advisories
Filter by severity
Illustrator is affected by an Improper Input Validation vulnerability that could result in...
Critical
Unreviewed
CVE-2026-48334
was published
Jul 15, 2026
ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary...
Critical
Unreviewed
CVE-2026-48327
was published
Jul 14, 2026
ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command (...
Critical
Unreviewed
CVE-2026-48324
was published
Jul 14, 2026
ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could...
Critical
Unreviewed
CVE-2026-48325
was published
Jul 14, 2026
ColdFusion is affected by an Incorrect Authorization vulnerability that could result in privilege...
Critical
Unreviewed
CVE-2026-48321
was published
Jul 14, 2026
ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path...
Critical
Unreviewed
CVE-2026-48319
was published
Jul 14, 2026
ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path...
Critical
Unreviewed
CVE-2026-48318
was published
Jul 14, 2026
ColdFusion is affected by an Improper Control of Generation of Code ('Code Injection')...
Critical
Unreviewed
CVE-2026-48322
was published
Jul 14, 2026
ColdFusion is affected by an Improper Input Validation vulnerability that could result in...
Critical
Unreviewed
CVE-2026-48284
was published
Jul 14, 2026
Use after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote...
Critical
Unreviewed
CVE-2026-15773
was published
Jul 14, 2026
Adobe Experience Manager is affected by an Improper Restriction of XML External Entity Reference ...
Critical
Unreviewed
CVE-2026-48359
was published
Jul 14, 2026
Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability that could...
Critical
Unreviewed
CVE-2026-48358
was published
Jul 14, 2026
Adobe Commerce is affected by an Unrestricted Upload of File with Dangerous Type vulnerability...
Critical
Unreviewed
CVE-2026-48356
was published
Jul 14, 2026
Adobe Experience Manager is affected by a Server-Side Request Forgery (SSRF) vulnerability that...
Critical
Unreviewed
CVE-2026-48259
was published
Jul 14, 2026
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance...
Critical
Unreviewed
CVE-2026-15409
was published
Jul 14, 2026
The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2026-13001
was published
Jul 14, 2026
Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a...
Critical
Unreviewed
CVE-2026-57092
was published
Jul 14, 2026
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over...
Critical
Unreviewed
CVE-2026-56190
was published
Jul 14, 2026
Concurrent execution using shared resource with improper synchronization ('race condition') in...
Critical
Unreviewed
CVE-2026-56188
was published
Jul 14, 2026
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-56159
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Dynamics NAV allows an unauthorized attacker to...
Critical
Unreviewed
CVE-2026-55944
was published
Jul 14, 2026
Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a...
Critical
Unreviewed
CVE-2026-55040
was published
Jul 14, 2026
Heap-based buffer overflow in Minecraft Bedrock Dedicated Server allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-55010
was published
Jul 14, 2026
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code...
Critical
Unreviewed
CVE-2026-50518
was published
Jul 14, 2026
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute...
Critical
Unreviewed
CVE-2026-50447
was published
Jul 14, 2026
ProTip!
Advisories are also available from the
GraphQL API