Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
42
Go
3,143
Maven
5,000+
npm
5,000+
NuGet
838
pip
4,438
Pub
12
RubyGems
990
Rust
1,174
Swift
50
Unreviewed advisories
All unreviewed
5,000+

40,772 advisories

Loading
A vulnerability in the web-based management interface of  Cisco Finesse, Cisco Packaged... Moderate Unreviewed
CVE-2026-20116 was published Mar 11, 2026
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express ... Moderate Unreviewed
CVE-2026-20117 was published Mar 11, 2026
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform... Moderate Unreviewed
CVE-2026-20162 was published Mar 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18... High Unreviewed
CVE-2026-1090 was published Mar 11, 2026
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the... Moderate Unreviewed
CVE-2026-3946 was published Mar 11, 2026
Craft CMS Vulnerable to Stored XSS via User Group Name in User Permissions Page Low
GHSA-g3hp-vvqf-8vw6 was published for craftcms/cms (Composer) Mar 11, 2026
mHe4am Credited to mHe4am
Umbraco has Stored XSS in UFM Rendering Pipeline via Permissive DOMPurify Attribute Filtering Moderate
CVE-2026-31833 was published for Umbraco.Cms (NuGet) Mar 11, 2026
odgrso Credited to odgrso
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable... High Unreviewed
CVE-2026-3231 was published Mar 11, 2026
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... High Unreviewed
CVE-2026-3178 was published Mar 11, 2026
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all... Moderate Unreviewed
CVE-2026-3492 was published Mar 11, 2026
The Astra theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `ast-page... Moderate Unreviewed
CVE-2026-3534 was published Mar 11, 2026
IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing... Moderate Unreviewed
CVE-2026-3825 was published Mar 11, 2026
The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable... High Unreviewed
CVE-2026-1454 was published Mar 11, 2026
The WP ULike plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `... Moderate Unreviewed
CVE-2026-2358 was published Mar 11, 2026
The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API... Moderate Unreviewed
CVE-2026-2707 was published Mar 11, 2026
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the... Low Unreviewed
CVE-2026-3884 was published Mar 11, 2026
The DukaPress WordPress plugin through 3.2.4 does not sanitise and escape a parameter before... High Unreviewed
CVE-2026-2466 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... High Unreviewed
CVE-2026-21361 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... High Unreviewed
CVE-2026-21311 was published Mar 11, 2026
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2026-27251 was published Mar 11, 2026
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and... Moderate Unreviewed
CVE-2026-21292 was published Mar 11, 2026
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2026-27252 was published Mar 11, 2026
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2026-27264 was published Mar 11, 2026
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2026-27247 was published Mar 11, 2026
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2026-27240 was published Mar 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database