GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,428
Composer 5,654
Erlang 49
GitHub Actions 50
Go 3,606
Maven 6,433
npm 5,910
NuGet 924
pip 4,831
Pub 13
RubyGems 1,045
Rust 1,256
Swift 53

Unreviewed advisories

All unreviewed 299,317

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,311 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary... Critical Unreviewed

CVE-2026-6885 was published Apr 23, 2026

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed

CVE-2026-3844 was published Apr 23, 2026

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed

CVE-2026-1555 was published Apr 22, 2026

Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon... Critical Unreviewed

CVE-2019-25714 was published Apr 21, 2026

Vvveb CMS v1.0.8 contains a remote code execution vulnerability in its media management... Critical Unreviewed

CVE-2026-6257 was published Apr 20, 2026

An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of... Critical Unreviewed

CVE-2026-38526 was published Apr 14, 2026

The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2026-2942 was published Apr 8, 2026

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due... Critical Unreviewed

CVE-2026-3535 was published Apr 8, 2026

The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed

CVE-2026-0740 was published Apr 7, 2026

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated... Critical Unreviewed

CVE-2016-20052 was published Apr 4, 2026

Authenticated user can upload a malicious file to the server and execute it, which leads to... Critical Unreviewed

CVE-2026-2701 was published Apr 2, 2026

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an... Critical Unreviewed

CVE-2026-4809 was published Mar 26, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic... Critical Unreviewed

CVE-2026-32523 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr... Critical Unreviewed

CVE-2026-32524 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads... Critical Unreviewed

CVE-2026-32536 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload... Critical Unreviewed

CVE-2026-32482 was published Mar 25, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro... Critical Unreviewed

CVE-2026-25413 was published Mar 25, 2026

Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload... Critical Unreviewed

CVE-2026-32985 was published Mar 20, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows... Critical Unreviewed

CVE-2026-27067 was published Mar 19, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd.... Critical Unreviewed

CVE-2026-27540 was published Mar 19, 2026

Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability... Critical Unreviewed

CVE-2017-20224 was published Mar 16, 2026

The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2026-3891 was published Mar 13, 2026

Microsoft Devices Pricing Program Remote Code Execution Vulnerability Critical Unreviewed

CVE-2026-21536 was published Mar 6, 2026

A improperly secured file management feature allows uploads of dangerous data types for... Critical Unreviewed

CVE-2026-21628 was published Mar 5, 2026

Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License... Critical Unreviewed

CVE-2026-28114 was published Mar 5, 2026

Previous1…53 Next

Previous 1 2 3 4 5 … 52 53 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,311 advisories