GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 91
GitHub Actions: 54
Go: 4,194
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,422
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+

162,296 advisories

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1...
Moderate | Unreviewed | CVE-2026-56399 was published Jul 1, 2026

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel...
Moderate | Unreviewed | CVE-2026-56363 was published Jul 1, 2026

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security...
Moderate | Unreviewed | CVE-2026-56777 was published Jul 1, 2026

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing...
Moderate | Unreviewed | CVE-2026-56365 was published Jul 1, 2026

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the...
Moderate | Unreviewed | CVE-2026-56369 was published Jul 1, 2026

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or...
Moderate | Unreviewed | CVE-2026-56377 was published Jul 1, 2026

ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of...
Moderate | Unreviewed | CVE-2026-56361 was published Jul 1, 2026

Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization...
Moderate | Unreviewed | CVE-2026-56333 was published Jul 1, 2026

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users...
Moderate | Unreviewed | CVE-2026-56350 was published Jul 1, 2026

Flowise before 3.1.2 sets Access-Control-Allow-Origin to a hardcoded wildcard (*) on its text-to...
Moderate | Unreviewed | CVE-2026-56277 was published Jul 1, 2026

Capgo before 12.128.2 contains an information disclosure vulnerability in the /private...
Moderate | Unreviewed | CVE-2026-56318 was published Jul 1, 2026

Capgo before 12.128.2 contains improper error handling in the /private/accept_invitation endpoint...
Moderate | Unreviewed | CVE-2026-56331 was published Jul 1, 2026

Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table,...
Moderate | Unreviewed | CVE-2026-56334 was published Jul 1, 2026

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS...
Moderate | Unreviewed | CVE-2026-56356 was published Jul 1, 2026

Capgo before 12.128.2 contains an information disclosure vulnerability in the public...
Moderate | Unreviewed | CVE-2026-56327 was published Jul 1, 2026

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site...
Moderate | Unreviewed | CVE-2026-28322 was published Jul 1, 2026

Storage Concentrator (SC & SCVM) is vulnerable to reflected cross-site scripting due to...
Moderate | Unreviewed | CVE-2026-50040 was published Jul 1, 2026

Capgo console.capgo.app/login before 12.128.2 accepts access_token and refresh_token in URL query...
Moderate | Unreviewed | CVE-2026-56224 was published Jul 1, 2026

Inappropriate implementation in TabStrip in Google Chrome prior to 150.0.7871.47 allowed a remote...
Moderate | Unreviewed | CVE-2026-14139 was published Jul 1, 2026

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain...
Moderate | Unreviewed | CVE-2026-14148 was published Jul 1, 2026

Incorrect security UI in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker...
Moderate | Unreviewed | CVE-2026-14144 was published Jul 1, 2026

Inappropriate implementation in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote...
Moderate | Unreviewed | CVE-2026-14153 was published Jul 1, 2026

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an...
Moderate | Unreviewed | CVE-2026-14154 was published Jul 1, 2026

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a...
Moderate | Unreviewed | CVE-2026-14112 was published Jul 1, 2026

Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an...
Moderate | Unreviewed | CVE-2026-14119 was published Jul 1, 2026

ProTip! Advisories are also available from the GraphQL API.