Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,580
Maven
5,000+
npm
5,000+
NuGet
919
pip
4,816
Pub
13
RubyGems
1,043
Rust
1,251
Swift
53
Unreviewed advisories
All unreviewed
5,000+

10,491 advisories

Loading
The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX... Moderate Unreviewed
CVE-2026-4106 was published Apr 23, 2026
The Table Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2026-4126 was published Apr 22, 2026
Tanium addressed an information disclosure vulnerability in Threat Response. Low Unreviewed
CVE-2026-6392 was published Apr 22, 2026
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). ... Moderate Unreviewed
CVE-2026-34318 was published Apr 21, 2026
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle... Moderate Unreviewed
CVE-2026-34296 was published Apr 21, 2026
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... High Unreviewed
CVE-2026-34305 was published Apr 21, 2026
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of... Moderate Unreviewed
CVE-2026-34313 was published Apr 21, 2026
Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component... High Unreviewed
CVE-2026-34297 was published Apr 21, 2026
Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2026-34300 was published Apr 21, 2026
Vulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected... Moderate Unreviewed
CVE-2026-34273 was published Apr 21, 2026
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2026-34268 was published Apr 21, 2026
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2026-22016 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema)... Moderate Unreviewed
CVE-2026-22015 was published Apr 21, 2026
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2026-22006 was published Apr 21, 2026
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2026-22007 was published Apr 21, 2026
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that... Moderate Unreviewed
CVE-2026-21999 was published Apr 21, 2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema)... Low Unreviewed
CVE-2026-22001 was published Apr 21, 2026
October CMS has Safe Mode Bypass via CSS Preprocessor Compilers Moderate
CVE-2026-26067 was published for october/system (Composer) Apr 21, 2026
Neosprings Credited to Neosprings and daftspunk daftspunk daftspunk
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150. High Unreviewed
CVE-2026-6782 was published Apr 21, 2026
Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150 and... Moderate Unreviewed
CVE-2026-6770 was published Apr 21, 2026
Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150. High Unreviewed
CVE-2026-6756 was published Apr 21, 2026
Glances: Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS High
CVE-2026-34839 was published for Glances (pip) Apr 21, 2026
Venukamatchi Credited to Venukamatchi
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are... Low Unreviewed
CVE-2026-22051 was published Apr 21, 2026
The Easy Appointments plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2026-2262 was published Apr 18, 2026
A vulnerability was detected in arnobt78 Hotel Booking Management System up to... Moderate Unreviewed
CVE-2026-6492 was published Apr 17, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database