GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,876
Maven: 5,000+
npm: 4,502
NuGet: 780
pip: 4,254
Pub: 12
RubyGems: 975
Rust: 1,100
Swift: 49
Unreviewed advisories
All unreviewed: 5,000+
28,333 advisories
A security issue has been identified in ibaPDA that could allow unauthorized actions on the file...
Critical, Unreviewed: CVE-2025-14988 was published Jan 27, 2026

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability...
Critical, Unreviewed: CVE-2026-24858 was published Jan 27, 2026

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks...
Critical, Unreviewed: CVE-2025-21589 was published Jan 27, 2026

SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Critical: CVE-2026-23830 was published for @nyariv/sandboxjs (npm) Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1472 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1477 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1473 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1475 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1483 was published Jan 27, 2026

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in themrdemonized...
Critical, Unreviewed: CVE-2026-24874 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1476 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1482 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1478 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1479 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1474 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1480 was published Jan 27, 2026

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance...
Critical, Unreviewed: CVE-2026-1481 was published Jan 27, 2026

Improper Control of Generation of Code ('Code Injection') vulnerability in pilgrimage233...
Critical, Unreviewed: CVE-2026-24871 was published Jan 27, 2026

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548. This issue affects...
Critical, Unreviewed: CVE-2026-24872 was published Jan 27, 2026

Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop. This issue affects ixray-1.6...
Critical, Unreviewed: CVE-2026-24832 was published Jan 27, 2026

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows...
Critical, Unreviewed: CVE-2021-47900 was published Jan 27, 2026

Kyverno Cross-Namespace Privilege Escalation via Policy apiCall
Critical: CVE-2026-22039 was published for github.com/kyverno/kyverno (Go) Jan 27, 2026

n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression...
Critical, Unreviewed: CVE-2026-1470 was published Jan 27, 2026

Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out...
Critical, Unreviewed: CVE-2026-24826 was published Jan 27, 2026

Integer Overflow or Wraparound vulnerability in Ralim IronOS. This issue affects IronOS: before v2...
Critical, Unreviewed: CVE-2026-24830 was published Jan 27, 2026
ProTip! Advisories are also available from the GraphQL API