GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
163,636 advisories
Filter by severity
An open redirect in Ivanti Xtraction before version 2026.2.1 allows a remote unauthenticated...
Moderate
Unreviewed
CVE-2026-14902
was published
Jul 14, 2026
Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows.
This issue...
Moderate
Unreviewed
CVE-2026-53566
was published
Jul 14, 2026
Sustainable Irrigation Platform (SIP) through version 5.2.16 contains a server-side request...
Moderate
Unreviewed
CVE-2026-58478
was published
Jul 14, 2026
Sustainable Irrigation Platform (SIP) through version 5.2.16 contains a stored cross-site...
Moderate
Unreviewed
CVE-2026-58475
was published
Jul 14, 2026
We are aware that exploit code for this is public however we are not aware of any attacks in the...
Moderate
Unreviewed
CVE-2026-15718
was published
Jul 14, 2026
We are aware that exploit code for this is public however we are not aware of any attacks in the...
Moderate
Unreviewed
CVE-2026-15719
was published
Jul 14, 2026
Users were able to upload files with arbitrary MIME types to forms using FileUpload or...
Moderate
Unreviewed
CVE-2026-15305
was published
Jul 14, 2026
An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data...
Moderate
Unreviewed
CVE-2026-12588
was published
Jul 14, 2026
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is...
Moderate
Unreviewed
CVE-2026-9341
was published
Jul 14, 2026
The fix for CVE-2026-0716 (commit 6ff7ef0, libsoup 3.6.6) placed the integer overflow guard...
Moderate
Unreviewed
CVE-2026-12478
was published
Jul 14, 2026
Milestone
has released a new version of XProtect® (and several cumulative patch updates)
which...
Moderate
Unreviewed
CVE-2026-3014
was published
Jul 14, 2026
Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0...
Moderate
Unreviewed
CVE-2026-14852
was published
Jul 14, 2026
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected...
Moderate
Unreviewed
CVE-2026-54429
was published
Jul 14, 2026
Eclipse Grizzly in versions before 5.0.2, cannot properly parse the trailer section in malformed...
Moderate
Unreviewed
CVE-2026-12606
was published
Jul 14, 2026
In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails...
Moderate
Unreviewed
CVE-2026-13699
was published
Jul 14, 2026
A weakness has been identified in code-projects Online Job Portal 1.0. This affects an unknown...
Moderate
Unreviewed
CVE-2026-15677
was published
Jul 14, 2026
A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an...
Moderate
Unreviewed
CVE-2026-15675
was published
Jul 14, 2026
A security flaw has been discovered in code-projects Online Job Portal up to 1.0. The impacted...
Moderate
Unreviewed
CVE-2026-15676
was published
Jul 14, 2026
The SureForms WordPress plugin before 2.11.1 does not properly validate the payment amount on...
Moderate
Unreviewed
CVE-2026-11567
was published
Jul 14, 2026
The WP 2FA WordPress plugin before 3.1.1.2 does not verify that the email address supplied...
Moderate
Unreviewed
CVE-2026-12988
was published
Jul 14, 2026
The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape...
Moderate
Unreviewed
CVE-2025-15665
was published
Jul 14, 2026
SAP Create Single Payment does not perform necessary authorization checks for an authenticated...
Moderate
Unreviewed
CVE-2026-44770
was published
Jul 14, 2026
The News Kit Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2026-11390
was published
Jul 14, 2026
The WP Customer Area plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2026-7640
was published
Jul 14, 2026
A flaw has been found in poco-ai poco-claw up to 0.5.4. Affected is the function...
Moderate
Unreviewed
CVE-2026-15622
was published
Jul 14, 2026
ProTip!
Advisories are also available from the
GraphQL API