Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,760
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

12,024 advisories

Loading
Apache Tomcat has an Improper Input Validation vulnerability Moderate
CVE-2026-32990 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 9, 2026
tkwilli94 Credited to tkwilli94
Composer has a command injection via malicious perforce repository High
CVE-2026-40176 was published for composer/composer (Composer) Apr 14, 2026
glaubinix Credited to glaubinix and Saku0512 Saku0512 Saku0512
Composer has a command injection via malicious perforce reference High
CVE-2026-40261 was published for composer/composer (Composer) Apr 14, 2026
kodareef5 Credited to kodareef5
justhtml includes multiple security fixes Moderate
GHSA-c9vm-hv86-f23r was published for justhtml (pip) Apr 10, 2026
EmilStenstrom Credited to EmilStenstrom
Microsoft Security Advisory CVE-2026-33116 – .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability High
CVE-2026-33116 was published for System.Security.Cryptography.Xml (NuGet) Apr 14, 2026
DylanW01 Credited to DylanW01
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation... High Unreviewed
CVE-2026-27306 was published Apr 15, 2026
Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation... Moderate Unreviewed
CVE-2026-27299 was published Apr 15, 2026
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation... High Unreviewed
CVE-2026-27282 was published Apr 15, 2026
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation... Critical Unreviewed
CVE-2026-27304 was published Apr 15, 2026
An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi... High Unreviewed
CVE-2026-22565 was published Apr 14, 2026
Improper input validation in Windows Active Directory allows an authorized attacker to execute... High Unreviewed
CVE-2026-33826 was published Apr 14, 2026
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-32201 was published Apr 14, 2026
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate... High Unreviewed
CVE-2026-32168 was published Apr 14, 2026
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. High Unreviewed
CVE-2026-32149 was published Apr 14, 2026
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security... High Unreviewed
CVE-2026-27928 was published Apr 14, 2026
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2026-27913 was published Apr 14, 2026
Improper input validation in Windows Hello allows an authorized attacker to bypass a security... Moderate Unreviewed
CVE-2026-27906 was published Apr 14, 2026
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate... High Unreviewed
CVE-2026-26170 was published Apr 14, 2026
Improper input validation in Windows Server Update Service allows an unauthorized attacker to... High Unreviewed
CVE-2026-26154 was published Apr 14, 2026
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code... High Unreviewed
CVE-2026-26156 was published Apr 14, 2026
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2026-26143 was published Apr 14, 2026
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to... High Unreviewed
CVE-2026-26161 was published Apr 14, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67484 was published Feb 3, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-67480 was published Feb 3, 2026
nimiq-blockchain is missing a wall-clock upper bound on block timestamps Critical
CVE-2026-40093 was published for nimiq-blockchain (Rust) Apr 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database