GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,980
Composer 5,607
Erlang 49
GitHub Actions 49
Go 3,521
Maven 6,414
npm 5,732
NuGet 911
pip 4,760
Pub 13
RubyGems 1,036
Rust 1,229
Swift 53

Unreviewed advisories

All unreviewed 298,052

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,609 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote... Critical Unreviewed

CVE-2026-20180 was published Apr 15, 2026

An issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows... High Unreviewed

CVE-2026-30996 was published Apr 15, 2026

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to... Moderate Unreviewed

CVE-2026-20148 was published Apr 15, 2026

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a... High Unreviewed

CVE-2026-34619 was published Apr 15, 2026

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a... High Unreviewed

CVE-2026-27305 was published Apr 15, 2026

A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in... Moderate Unreviewed

CVE-2026-25691 was published Apr 14, 2026

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... Moderate Unreviewed

CVE-2026-2399 was published Apr 14, 2026

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability... Moderate Unreviewed

CVE-2026-22573 was published Apr 14, 2026

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability... Moderate Unreviewed

CVE-2025-68649 was published Apr 14, 2026

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22]... Moderate Unreviewed

CVE-2025-61624 was published Apr 14, 2026

The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name`... High Unreviewed

CVE-2026-6227 was published Apr 14, 2026

A malicious actor with access to the UniFi Play network could exploit a Path Traversal... Critical Unreviewed

CVE-2026-22562 was published Apr 14, 2026

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2026-3689 was published Apr 11, 2026

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file... Critical Unreviewed

CVE-2026-6057 was published Apr 10, 2026

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function... Moderate Unreviewed

CVE-2026-6024 was published Apr 10, 2026

A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the... Moderate Unreviewed

CVE-2026-5998 was published Apr 10, 2026

The Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal... High Unreviewed

CVE-2026-4351 was published Apr 10, 2026

A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function... Moderate Unreviewed

CVE-2026-5962 was published Apr 9, 2026

A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown... Moderate Unreviewed

CVE-2026-5849 was published Apr 9, 2026

A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function... Moderate Unreviewed

CVE-2026-5841 was published Apr 9, 2026

ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal... High Unreviewed

CVE-2026-40027 was published Apr 9, 2026

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows... High Unreviewed

CVE-2026-40024 was published Apr 9, 2026

The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up... High Unreviewed

CVE-2026-5436 was published Apr 8, 2026

Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to... High Unreviewed

CVE-2026-33466 was published Apr 8, 2026

The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2026-3243 was published Apr 8, 2026

Previous1…265 Next

Previous 1 2 3 4 5 … 264 265 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,609 advisories