Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,164
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,458
Pub
12
RubyGems
991
Rust
1,184
Swift
50
Unreviewed advisories
All unreviewed
5,000+

152,241 advisories

Loading
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure... Moderate Unreviewed
CVE-2026-32745 was published Mar 13, 2026
Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl... Moderate Unreviewed
CVE-2026-32461 was published Mar 13, 2026
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows... Moderate Unreviewed
CVE-2026-32486 was published Mar 13, 2026
The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data... Moderate Unreviewed
CVE-2026-4063 was published Mar 13, 2026
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2026-3986 was published Mar 13, 2026
Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor... Moderate Unreviewed
CVE-2026-32543 was published Mar 13, 2026
Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows... Moderate Unreviewed
CVE-2026-32487 was published Mar 13, 2026
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows... Moderate Unreviewed
CVE-2026-32447 was published Mar 13, 2026
Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2026-32440 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32448 was published Mar 13, 2026
Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2026-32442 was published Mar 13, 2026
Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce... Moderate Unreviewed
CVE-2026-32443 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32450 was published Mar 13, 2026
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting... Moderate Unreviewed
CVE-2026-32453 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32455 was published Mar 13, 2026
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons)... Moderate Unreviewed
CVE-2026-32457 was published Mar 13, 2026
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site... Moderate Unreviewed
CVE-2026-32423 was published Mar 13, 2026
Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting... Moderate Unreviewed
CVE-2026-32421 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32424 was published Mar 13, 2026
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment... Moderate Unreviewed
CVE-2026-32425 was published Mar 13, 2026
Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows... Moderate Unreviewed
CVE-2026-32428 was published Mar 13, 2026
Missing Authorization vulnerability in vowelweb VW Education Lite vw-education-lite allows... Moderate Unreviewed
CVE-2026-32427 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32429 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32430 was published Mar 13, 2026
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2026-32431 was published Mar 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database