GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,630
Maven: 5,000+
npm: 5,000+
NuGet: 928
pip: 4,850
Pub: 13
RubyGems: 1,045
Rust: 1,301
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
10,505 advisories

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal...
Moderate | Unreviewed | CVE-2026-7382 was published Apr 30, 2026

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path...
Critical | Unreviewed | CVE-2026-7381 was published Apr 30, 2026

Admidio Leaks Hidden Profile Field Values via Blind Search Oracle in Member Assignment
Low | CVE-2026-41659 was published for admidio/admidio (Composer) Apr 29, 2026

OpenClaw: Webchat audio embedding could read local files without local-root containment
Moderate | GHSA-gfg9-5357-hv4c was published for openclaw (npm) Apr 29, 2026

Fiber's cache middleware default key generator ignores query string, causing response mix-up across distinct query parameters
Moderate | CVE-2026-30246 was published for github.com/gofiber/fiber/v3 (Go) Apr 28, 2026

A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this...
Moderate | Unreviewed | CVE-2026-7071 was published Apr 27, 2026

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown...
Moderate | Unreviewed | CVE-2026-7041 was published Apr 26, 2026

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of...
Moderate | Unreviewed | CVE-2026-7021 was published Apr 26, 2026

Cilium exposes sensitive information included in the cilium-bugtool debug archive
High | CVE-2026-41520 was published for github.com/cilium/cilium (Go) Apr 25, 2026

Gemini CLI: Remote Code Execution via workspace trust and tool allowlisting bypasses
Critical | GHSA-wpqr-6v78-jr5g was published for @google/gemini-cli (GitHub Actions) Apr 24, 2026

Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars
Critical | CVE-2026-41492 was published for github.com/dgraph-io/dgraph (Go) Apr 24, 2026

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an...
Critical | Unreviewed | CVE-2026-21515 was published Apr 24, 2026

The HT Mega Addons for Elementor WordPress plugin before 3.0.7 contains an unauthenticated AJAX...
Moderate | Unreviewed | CVE-2026-4106 was published Apr 23, 2026

The Table Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate | Unreviewed | CVE-2026-4126 was published Apr 22, 2026

Tanium addressed an information disclosure vulnerability in Threat Response.
Low | Unreviewed | CVE-2026-6392 was published Apr 22, 2026

Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). ...
Moderate | Unreviewed | CVE-2026-34318 was published Apr 21, 2026

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle...
Moderate | Unreviewed | CVE-2026-34296 was published Apr 21, 2026

Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component...
High | Unreviewed | CVE-2026-34297 was published Apr 21, 2026

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High | Unreviewed | CVE-2026-34305 was published Apr 21, 2026

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
Moderate | Unreviewed | CVE-2026-34313 was published Apr 21, 2026

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component:...
Moderate | Unreviewed | CVE-2026-34300 was published Apr 21, 2026

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low | Unreviewed | CVE-2026-34268 was published Apr 21, 2026

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema)...
Moderate | Unreviewed | CVE-2026-22015 was published Apr 21, 2026

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2026-22016 was published Apr 21, 2026

Vulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected...
Moderate | Unreviewed | CVE-2026-34273 was published Apr 21, 2026

ProTip! Advisories are also available from the GraphQL API.