GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,225
Composer 5,516
Erlang 48
GitHub Actions 48
Go 3,391
Maven 6,352
npm 5,473
NuGet 882
pip 4,614
Pub 13
RubyGems 1,026
Rust 1,205
Swift 51

Unreviewed advisories

All unreviewed 296,085

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

29,432 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SciTokens is vulnerable to SQL Injection in KeyCache Critical

CVE-2026-32714 was published for scitokens (pip) Mar 31, 2026

Credited to pmcao and djw8605

djw8605

baserCMS has OS command injection vulnerability in installer Critical

CVE-2026-30880 was published for baserproject/basercms (Composer) Mar 31, 2026

baserCMS Update Functionality Vulnerable to OS Command Injection Critical

CVE-2026-30877 was published for baserproject/basercms (Composer) Mar 31, 2026

Credited to EricUeda

baserCMS has OS Command Injection Leading to Remote Code Execution (RCE) Critical

CVE-2026-21861 was published for baserproject/basercms (Composer) Mar 31, 2026

Credited to kaminuma

The MAVLink communication protocol does not require cryptographic authentication by default.... Critical Unreviewed

CVE-2026-1579 was published Mar 31, 2026

The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows... Critical Unreviewed

CVE-2026-3356 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows... Critical Unreviewed

CVE-2026-30285 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77... Critical Unreviewed

CVE-2026-30282 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows... Critical Unreviewed

CVE-2026-30286 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows... Critical Unreviewed

CVE-2026-30278 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3... Critical Unreviewed

CVE-2026-30283 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers... Critical Unreviewed

CVE-2026-30276 was published Mar 31, 2026

An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite... Critical Unreviewed

CVE-2026-30281 was published Mar 31, 2026

A command injection vulnerability exists in mlflow/mlflow when serving a model with ... Critical Unreviewed

CVE-2026-0596 was published Mar 31, 2026

In its design for automatic terminal command execution, Sixth offers two options: Execute safe... Critical Unreviewed

CVE-2026-30310 was published Mar 31, 2026

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability... Critical Unreviewed

CVE-2026-30311 was published Mar 31, 2026

DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability... Critical Unreviewed

CVE-2026-30312 was published Mar 31, 2026

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability... Critical Unreviewed

CVE-2026-30314 was published Mar 31, 2026

OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage... Critical Unreviewed

CVE-2026-32917 was published Mar 31, 2026

OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where... Critical Unreviewed

CVE-2026-32916 was published Mar 31, 2026

SQL inyection (SQLi) vulnerability in Umami Software web application through an improperly... Critical Unreviewed

CVE-2026-4317 was published Mar 31, 2026

Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret... Critical Unreviewed

CVE-2025-15618 was published Mar 31, 2026

Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password... Critical Unreviewed

CVE-2026-3106 was published Mar 31, 2026

Stored Cross-Site Scripting (XSS) in Teampass versions prior to 3.1.5.16, affecting the password... Critical Unreviewed

CVE-2026-3107 was published Mar 31, 2026

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code... Critical Unreviewed

CVE-2026-3300 was published Mar 31, 2026

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

29,432 advisories