GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,303
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
2,753 advisories
Filter by severity
Deserialization of untrusted data in Microsoft Dynamics NAV allows an unauthorized attacker to...
Critical
Unreviewed
CVE-2026-55944
was published
Jul 14, 2026
Deserialization of untrusted data in Windows Wireless Wide Area Network Service allows an...
High
Unreviewed
CVE-2026-50509
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-58644
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Exchange Server allows an authorized attacker to...
High
Unreviewed
CVE-2026-55009
was published
Jul 14, 2026
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code...
High
Unreviewed
CVE-2026-54117
was published
Jul 14, 2026
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code...
High
Unreviewed
CVE-2026-54118
was published
Jul 14, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker...
Critical
Unreviewed
CVE-2026-50522
was published
Jul 14, 2026
Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to...
High
Unreviewed
CVE-2026-50652
was published
Jul 14, 2026
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input...
High
Unreviewed
CVE-2026-12583
was published
Jul 14, 2026
SAP Change and Transport System Attach Tool (ctsattach) allows an authenticated attacker to...
High
Unreviewed
CVE-2026-58233
was published
Jul 14, 2026
Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC Real Testimonials testimonial...
High
Unreviewed
CVE-2026-59521
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object...
Critical
Unreviewed
CVE-2026-59518
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in Themeum Kirki kirki allows Object Injection...
Critical
Unreviewed
CVE-2026-57724
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object...
Critical
Unreviewed
CVE-2026-57738
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18...
Critical
Unreviewed
CVE-2026-57744
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography...
Critical
Unreviewed
CVE-2026-57770
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in Marcus (aka @msykes) Events Manager events...
High
Unreviewed
CVE-2026-57713
was published
Jul 13, 2026
Deserialization of Untrusted Data vulnerability in denishua WPJAM Basic wpjam-basic allows Object...
High
Unreviewed
CVE-2026-57371
was published
Jul 13, 2026
Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized...
High
Unreviewed
CVE-2026-58281
was published
Jul 11, 2026
BabelDOC: Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py
High
CVE-2026-54071
was published
for
BabelDOC
(pip)
Jul 10, 2026
Dell Unisphere for PowerMax, version(s) 10.3.0.5 and prior, contain(s) a Deserialization of...
High
Unreviewed
CVE-2026-54469
was published
Jul 10, 2026
YesWiki Vulnerable to Authenticated PHP Object Injection in BazarImportAction via unserialize
Critical
CVE-2026-52777
was published
for
yeswiki/yeswiki
(Composer)
Jul 9, 2026
A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker...
Critical
Unreviewed
CVE-2026-33264
was published
Jul 7, 2026
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel
Versions Affected:
before 3.0...
High
Unreviewed
CVE-2026-43825
was published
Jul 6, 2026
Deserialization of Untrusted Data vulnerability in Apache Camel PQC component.
The camel-pqc...
High
Unreviewed
CVE-2026-46590
was published
Jul 6, 2026
ProTip!
Advisories are also available from the
GraphQL API