GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,850
Composer 5,061
Erlang 39
GitHub Actions 38
Go 2,690
Maven 6,134
npm 4,320
NuGet 760
pip 4,096
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,596

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

69 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26... Moderate Unreviewed

CVE-2025-43422 was published Nov 4, 2025

Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145,... Moderate Unreviewed

CVE-2025-13013 was published Nov 11, 2025

Drupal Email TFA allows Functionality Bypass Moderate

CVE-2025-12760 was published for drupal/email_tfa (Composer) Nov 18, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in quantumcloud Simple... Moderate Unreviewed

CVE-2025-49901 was published Oct 22, 2025

Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who... Moderate Unreviewed

CVE-2025-12445 was published Nov 10, 2025

Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an... Moderate Unreviewed

CVE-2025-12431 was published Nov 10, 2025

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the... Moderate Unreviewed

CVE-2025-59392 was published Nov 6, 2025

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By... Moderate Unreviewed

CVE-2024-51464 was published Dec 21, 2024

Apache Tomcat - Security constraint bypass for pre/post-resources Moderate

CVE-2025-49125 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass... Moderate Unreviewed

CVE-2025-55338 was published Oct 14, 2025

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and... Moderate Unreviewed

CVE-2025-4427 was published May 13, 2025

Authentication bypass in some Zoom Rooms Clients before version 6.5.1 may allow an... Moderate Unreviewed

CVE-2025-58133 was published Oct 15, 2025

The credentials of the users stored in the system's local database can be used for the log in,... Moderate Unreviewed

CVE-2025-9914 was published Oct 6, 2025

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS 7... Moderate Unreviewed

CVE-2025-22862 was published Oct 2, 2025

This vulnerability affects Firefox < 143 and Thunderbird < 143. Moderate Unreviewed

CVE-2025-10531 was published Sep 16, 2025

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi... Moderate Unreviewed

CVE-2023-4957 was published Oct 11, 2023

An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass... Moderate Unreviewed

CVE-2025-55623 was published Aug 22, 2025

An issue in the default configuration of the password reset function in LogicData eCommerce... Moderate Unreviewed

CVE-2025-52338 was published Aug 19, 2025

The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally... Moderate Unreviewed

CVE-2025-30026 was published Jul 11, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA -... Moderate Unreviewed

CVE-2025-6675 was published Jun 26, 2025

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a... Moderate Unreviewed

CVE-2025-6556 was published Jun 24, 2025

Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-5820 was published Jun 23, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-13772 was published Mar 14, 2025

Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful... Moderate Unreviewed

CVE-2025-48904 was published Jun 6, 2025

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover... Moderate Unreviewed

CVE-2025-48926 was published May 28, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

69 advisories