Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,880
Maven
5,000+
npm
4,518
NuGet
784
pip
4,260
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

10,154 advisories

Loading
The WP Adminify plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2026-1060 was published Jan 28, 2026
Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter) Moderate
CVE-2026-24473 was published for hono (npm) Jan 27, 2026
kilkat JungJoonWoo
Credited to kilkat and JungJoonWoo
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6... Low Unreviewed
CVE-2026-24870 was published Jan 27, 2026
An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2025-67274 was published Jan 26, 2026
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09/01.00.09_55. This affects an... Low Unreviewed
CVE-2026-1407 was published Jan 26, 2026
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-6461 was published Jan 25, 2026
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-13920 was published Jan 24, 2026
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the... High Unreviewed
CVE-2025-52026 was published Jan 23, 2026
phpMyFAQ: Public API endpoints expose emails and invisible questions Moderate
CVE-2026-24422 was published for phpmyfaq/phpmyfaq (Composer) Jan 23, 2026
Brahim-Fouad
Credited to Brahim-Fouad
ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie in Response Body Information... Moderate Unreviewed
CVE-2026-0789 was published Jan 23, 2026
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an... High Unreviewed
CVE-2026-21524 was published Jan 23, 2026
Gitea improperly exposes issue and pull request titles Low
CVE-2026-20800 was published for github.com/go-gitea/gitea (Go) Jan 23, 2026
An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to... High Unreviewed
CVE-2025-69822 was published Jan 22, 2026
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential... Low Unreviewed
CVE-2025-12738 was published Jan 22, 2026
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences... Moderate Unreviewed
CVE-2026-21974 was published Jan 21, 2026
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: User and User... High Unreviewed
CVE-2026-21940 was published Jan 21, 2026
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an... Critical Unreviewed
CVE-2026-0905 was published Jan 20, 2026
A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown... Low Unreviewed
CVE-2026-1197 was published Jan 20, 2026
A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function... Low Unreviewed
CVE-2026-1196 was published Jan 20, 2026
A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the... Moderate Unreviewed
CVE-2026-1194 was published Jan 20, 2026
A vulnerability was identified in birkir prime up to 0.4.0.beta.0. This impacts an unknown... Moderate Unreviewed
CVE-2026-1175 was published Jan 19, 2026
A vulnerability was detected in birkir prime up to 0.4.0.beta.0. This issue affects some unknown... Moderate Unreviewed
CVE-2026-1170 was published Jan 19, 2026
The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12129 was published Jan 17, 2026
The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-14075 was published Jan 17, 2026
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint... High Unreviewed
CVE-2025-69581 was published Jan 16, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database