Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
975
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

128,120 advisories

Loading
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions. High Unreviewed
CVE-2026-52695 was published Jun 15, 2026
Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions. High Unreviewed
CVE-2026-52692 was published Jun 15, 2026
Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions. High Unreviewed
CVE-2026-52702 was published Jun 15, 2026
Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions. High Unreviewed
CVE-2026-52699 was published Jun 15, 2026
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions. High Unreviewed
CVE-2026-52694 was published Jun 15, 2026
Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions. High Unreviewed
CVE-2026-52700 was published Jun 15, 2026
Customer Privilege Escalation in Dokan <= 5.0.2 versions. High Unreviewed
CVE-2026-49780 was published Jun 15, 2026
Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions. High Unreviewed
CVE-2026-52697 was published Jun 15, 2026
Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7... High Unreviewed
CVE-2026-49055 was published Jun 15, 2026
Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions. High Unreviewed
CVE-2026-48964 was published Jun 15, 2026
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions. High Unreviewed
CVE-2026-48970 was published Jun 15, 2026
Unauthenticated Cross Site Scripting (XSS) in Funnel Builder by FunnelKit <= 3.15.0.2 versions. High Unreviewed
CVE-2026-48966 was published Jun 15, 2026
Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions. High Unreviewed
CVE-2026-49061 was published Jun 15, 2026
Subscriber Privilege Escalation in Amelia <= 2.3 versions. High Unreviewed
CVE-2026-48889 was published Jun 15, 2026
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions. High Unreviewed
CVE-2026-49063 was published Jun 15, 2026
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions. High Unreviewed
CVE-2026-49065 was published Jun 15, 2026
Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions. High Unreviewed
CVE-2026-49066 was published Jun 15, 2026
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery... High Unreviewed
CVE-2026-49056 was published Jun 15, 2026
Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions. High Unreviewed
CVE-2026-49068 was published Jun 15, 2026
Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions. High Unreviewed
CVE-2026-49070 was published Jun 15, 2026
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions. High Unreviewed
CVE-2026-49110 was published Jun 15, 2026
Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions. High Unreviewed
CVE-2026-49112 was published Jun 15, 2026
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions. High Unreviewed
CVE-2026-49078 was published Jun 15, 2026
Subscriber Sensitive Data Exposure in Chatway Live Chat &#8211; AI Chatbot, Customer Support, FAQ... High Unreviewed
CVE-2026-49082 was published Jun 15, 2026
Contributor Privilege Escalation in LatePoint <= 5.5.1 versions. High Unreviewed
CVE-2026-49083 was published Jun 15, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database