Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

161,143 advisories

Loading
CakePHP Authentication: Open redirect weakness via backslash bypass Moderate
CVE-2026-55590 was published for cakephp/authentication (Composer) Jun 17, 2026
Deno: Denial of service via non-ASCII bytes in WebSocket response headers Moderate
CVE-2026-55517 was published for deno (Rust) Jun 17, 2026
snoopysecurity Credited to snoopysecurity
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security... Moderate Unreviewed
CVE-2026-30799 was published Jun 17, 2026
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark... Moderate Unreviewed
CVE-2026-48591 was published Jun 17, 2026
A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk... Moderate Unreviewed
CVE-2026-1288 was published Jun 17, 2026
A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where... Moderate Unreviewed
CVE-2026-12515 was published Jun 17, 2026
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an... Moderate Unreviewed
CVE-2026-20246 was published Jun 17, 2026
Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special... Moderate Unreviewed
CVE-2026-35069 was published Jun 17, 2026
A vulnerability in the browser-based version of Cisco Webex App could have allowed an... Moderate Unreviewed
CVE-2026-20178 was published Jun 17, 2026
A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could... Moderate Unreviewed
CVE-2026-20220 was published Jun 17, 2026
Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write vulnerability in RTI Connext... Moderate Unreviewed
CVE-2026-2674 was published Jun 17, 2026
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin"... Moderate Unreviewed
CVE-2026-20265 was published Jun 17, 2026
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security... Moderate Unreviewed
CVE-2026-2675 was published Jun 17, 2026
Dell PowerFlex rack, version(s) RCM 3.7/3.7, contain(s) a Host Header Injection vulnerability. An... Moderate Unreviewed
CVE-2025-32748 was published Jun 17, 2026
OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have... Moderate Unreviewed
CVE-2026-55748 was published Jun 17, 2026
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When... Moderate Unreviewed
CVE-2026-48142 was published Jun 17, 2026
Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use of a Broken or Risky Cryptographic... Moderate Unreviewed
CVE-2026-40641 was published Jun 17, 2026
Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control... Moderate Unreviewed
CVE-2026-35162 was published Jun 17, 2026
Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control... Moderate Unreviewed
CVE-2026-35067 was published Jun 17, 2026
Plane CE 1.3.1 allows a low-privileged project member to submit arbitrary HTML/JS in the... Moderate Unreviewed
CVE-2026-10850 was published Jun 17, 2026
A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c... Moderate Unreviewed
CVE-2026-12528 was published Jun 17, 2026
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API... Moderate Unreviewed
CVE-2026-54817 was published Jun 17, 2026
Unauthenticated Arbitrary File Deletion in WorkScout-Core <= 1.7.11 versions. Moderate Unreviewed
CVE-2026-52716 was published Jun 17, 2026
Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation... Moderate Unreviewed
CVE-2024-47477 was published Jun 17, 2026
The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2026-8494 was published Jun 17, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database