Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,723
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,947
Pub
13
RubyGems
1,055
Rust
1,338
Swift
54
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision... Critical Unreviewed
CVE-2026-42368 was published May 4, 2026
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows... Critical Unreviewed
CVE-2026-22337 was published Apr 27, 2026
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on... Critical Unreviewed
CVE-2026-33519 was published Apr 21, 2026
An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows... Critical Unreviewed
CVE-2026-33518 was published Apr 21, 2026
Duplicate Advisory: OpenClaw: Plugin subagent routes could bypass gateway authorization with synthetic admin scopes Critical
GHSA-phgf-3849-rgjq was published for openclaw (npm) Mar 31, 2026 withdrawn
OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate... Critical Unreviewed
CVE-2026-32922 was published Mar 29, 2026
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege... Critical Unreviewed
CVE-2026-32519 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Andrew Munro / AffiliateWP RewardsWP rewardswp... Critical Unreviewed
CVE-2026-32520 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This... Critical Unreviewed
CVE-2026-27051 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Elated-Themes Search & Go searchgo allows... Critical Unreviewed
CVE-2026-24971 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege... Critical Unreviewed
CVE-2026-24968 was published Mar 25, 2026
Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead... Critical Unreviewed
CVE-2026-27542 was published Mar 19, 2026
Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro... Critical Unreviewed
CVE-2026-27983 was published Mar 5, 2026
Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task... Critical Unreviewed
CVE-2025-68869 was published Jan 22, 2026
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege... Critical Unreviewed
CVE-2026-23800 was published Jan 16, 2026
Uploading unvalidated container images may allow remote attackers to gain full access to the... Critical Unreviewed
CVE-2026-22908 was published Jan 15, 2026
An attacker may gain unauthorized access to the host filesystem, potentially allowing them to... Critical Unreviewed
CVE-2026-22907 was published Jan 15, 2026
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege... Critical Unreviewed
CVE-2024-32444 was published Jan 15, 2026
Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue... Critical Unreviewed
CVE-2026-23550 was published Jan 14, 2026
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege... Critical Unreviewed
CVE-2025-64188 was published Dec 18, 2025
OpenShift GitOps authenticated attackers can obtain cluster root access through forged ArgoCD custom resources Critical
CVE-2025-13888 was published for github.com/redhat-developer/gitops-operator (Go) Dec 15, 2025
Grafana Incorrect Privilege Assignment vulnerability Critical
CVE-2025-41115 was published for github.com/grafana/grafana (Go) Nov 21, 2025
cdupuis Credited to cdupuis
Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king... Critical Unreviewed
CVE-2025-6325 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration... Critical Unreviewed
CVE-2025-60195 was published Nov 6, 2025
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for... Critical Unreviewed
CVE-2025-60243 was published Nov 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database