GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 43
Go: 3,181
Maven: 5,000+
npm: 5,000+
NuGet: 863
pip: 4,474
Pub: 12
RubyGems: 991
Rust: 1,185
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+

13,498 advisories
Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the...
Low | Unreviewed | CVE-2026-26230 was published Mar 16, 2026

A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this...
Low | Unreviewed | CVE-2026-4251 was published Mar 16, 2026

A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on...
Low | Unreviewed | CVE-2026-4250 was published Mar 16, 2026

Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability
Low | CVE-2026-32266 was published for craftcms/google-cloud (Composer) Mar 16, 2026

Stored XSS in Memray-generated HTML reports via unescaped command-line metadata
Low | CVE-2026-32722 was published for memray (pip) Mar 16, 2026

XSS in @leanprover/unicode-input-component
Low | CVE-2026-32732 was published for @leanprover/unicode-input-component (npm) Mar 16, 2026

StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens
Low | CVE-2026-32638 was published for studiocms (npm) Mar 16, 2026

A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on...
Low | Unreviewed | CVE-2026-4242 was published Mar 16, 2026

Mattermost versions 10.11.x <= 10.11.10 fail to validate user's authentication method when...
Low | Unreviewed | CVE-2026-22545 was published Mar 16, 2026

A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown...
Low | Unreviewed | CVE-2026-4243 was published Mar 16, 2026

HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature....
Low | Unreviewed | CVE-2025-52649 was published Mar 16, 2026

HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through...
Low | Unreviewed | CVE-2025-52642 was published Mar 16, 2026

HCL AION is affected by a vulnerability where certain offering configurations may permit...
Low | Unreviewed | CVE-2025-52646 was published Mar 16, 2026

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper...
Low | Unreviewed | CVE-2025-52636 was published Mar 16, 2026

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not...
Low | Unreviewed | CVE-2025-52645 was published Mar 16, 2026

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This...
Low | Unreviewed | CVE-2026-4217 was published Mar 16, 2026

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1...
Low | Unreviewed | CVE-2026-4219 was published Mar 16, 2026

A vulnerability was detected in myAEDES App up to 1.18.4 on Android. Affected is an unknown...
Low | Unreviewed | CVE-2026-4218 was published Mar 16, 2026

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from...
Low | Unreviewed | CVE-2026-32772 was published Mar 16, 2026

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after...
Low | Unreviewed | CVE-2026-32778 was published Mar 16, 2026

Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of...
Low | Unreviewed | CVE-2025-71264 was published Mar 16, 2026

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input....
Low | Unreviewed | CVE-2025-26474 was published Mar 16, 2026

IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service...
Low | Unreviewed | CVE-2025-13459 was published Mar 16, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of...
Low | Unreviewed | CVE-2026-0639 was published Mar 16, 2026

pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback
Low | CVE-2026-27448 was published for pyopenssl (pip) Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.