GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
363 advisories
Several Spring WS integration paths with Spring Security could surface detailed account state ...
Moderate | Unreviewed | CVE-2026-40997 was published Jun 11, 2026

Spring Data REST serializes the full exception cause chain into HTTP error response bodies,...
Moderate | Unreviewed | CVE-2026-41730 was published Jun 10, 2026

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability....
Low | Unreviewed | CVE-2025-52611 was published Jun 4, 2026

HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during...
Moderate | Unreviewed | CVE-2025-52606 was published Jun 4, 2026

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability...
Moderate | Unreviewed | CVE-2026-9794 was published May 28, 2026

IBM Business Automation Workflow containers and traditional may leak information about its...
Moderate | Unreviewed | CVE-2026-1248 was published May 27, 2026

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2...
Moderate | Unreviewed | CVE-2024-28765 was published May 27, 2026

In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly...
Moderate | Unreviewed | CVE-2026-5511 was published May 19, 2026

Vvveb before 1.0.8.3 contains an uncontrolled recursion vulnerability in the admin controller...
High | Unreviewed | CVE-2026-41935 was published May 14, 2026

HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error...
Moderate | Unreviewed | CVE-2025-31960 was published May 6, 2026

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application...
Low | Unreviewed | CVE-2025-59853 was published May 6, 2026

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized...
High | Unreviewed | CVE-2026-3259 was published Apr 23, 2026

HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of...
Low | Unreviewed | CVE-2025-52641 was published Apr 15, 2026

A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated,...
Moderate | Unreviewed | CVE-2025-14243 was published Apr 8, 2026

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0,...
Moderate | Unreviewed | CVE-2026-24511 was published Apr 8, 2026

XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by...
High | Unreviewed | CVE-2025-71282 was published Apr 1, 2026

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information...
Moderate | Unreviewed | CVE-2026-2484 was published Mar 25, 2026

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information...
Moderate | Unreviewed | CVE-2026-1262 was published Mar 25, 2026

HCL Traveler is affected by sensitive information disclosure. The application generates some...
Moderate | Unreviewed | CVE-2026-21783 was published Mar 24, 2026

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could...
Moderate | Unreviewed | CVE-2025-13726 was published Mar 13, 2026

Navtor NavBox allows information disclosure via the /api/ais-data endpoint. A remote,...
Moderate | Unreviewed | CVE-2026-2752 was published Mar 6, 2026

ONTAP versions 9.12.1 and higher with S3 NAS buckets are susceptible to an information disclosure...
Moderate | Unreviewed | CVE-2026-22052 was published Mar 5, 2026

IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5, and 6.2...
Moderate | Unreviewed | CVE-2025-36348 was published Feb 18, 2026

Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could...
Moderate | Unreviewed | CVE-2026-23598 was published Feb 17, 2026

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed...
Moderate | Unreviewed | CVE-2025-66594 was published Feb 9, 2026

ProTip! Advisories are also available from the GraphQL API.