Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,164
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,458
Pub
12
RubyGems
991
Rust
1,184
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

293,413 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed
CVE-2026-32460 was published Mar 13, 2026
The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is... High Unreviewed
CVE-2026-3045 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed
CVE-2026-32462 was published Mar 13, 2026
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not... High Unreviewed
CVE-2026-3873 was published Mar 13, 2026
The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2026-3891 was published Mar 13, 2026
The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data... Moderate Unreviewed
CVE-2026-4063 was published Mar 13, 2026
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2026-3986 was published Mar 13, 2026
A broken access control may allow an authenticated user to perform a horizontal privilege... High Unreviewed
CVE-2026-3999 was published Mar 13, 2026
A flaw was identified in the RAR5 archive decompression logic of the libarchive library,... High Unreviewed
CVE-2026-4111 was published Mar 13, 2026
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote... High Unreviewed
CVE-2026-3910 was published Mar 13, 2026
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to... High Unreviewed
CVE-2026-3909 was published Mar 13, 2026
Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor... Moderate Unreviewed
CVE-2026-32543 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows... Moderate Unreviewed
CVE-2026-32487 was published Mar 13, 2026
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure... Moderate Unreviewed
CVE-2026-32745 was published Mar 13, 2026
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local... Critical Unreviewed
CVE-2026-32746 was published Mar 13, 2026
Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl... Moderate Unreviewed
CVE-2026-32461 was published Mar 13, 2026
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows... Moderate Unreviewed
CVE-2026-32486 was published Mar 13, 2026
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site... Moderate Unreviewed
CVE-2026-32423 was published Mar 13, 2026
Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting... Moderate Unreviewed
CVE-2026-32421 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32424 was published Mar 13, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2026-32422 was published Mar 13, 2026
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment... Moderate Unreviewed
CVE-2026-32425 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows... Moderate Unreviewed
CVE-2026-32428 was published Mar 13, 2026
Missing Authorization vulnerability in vowelweb VW Education Lite vw-education-lite allows... Moderate Unreviewed
CVE-2026-32427 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32429 was published Mar 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database