GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,152 advisories
A web application for configuring the controller is accessible at a specific path. It contains an...
High | Unreviewed | CVE-2025-25265 was published Jun 16, 2025

MCP Inspector proxy server lacks authentication between the Inspector client and proxy
Critical | CVE-2025-49596 was published for @modelcontextprotocol/inspector (npm) Jun 13, 2025

A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with...
Moderate | Unreviewed | CVE-2024-35295 was published Jun 11, 2025

The Archify application contains a local privilege escalation vulnerability due to insufficient...
High | Unreviewed | CVE-2024-9062 was published Jun 11, 2025

A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This...
Moderate | Unreviewed | CVE-2025-5906 was published Jun 10, 2025

CyberData 011209 Intercom exposes features that could allow an unauthenticated to gain ...
High | Unreviewed | CVE-2025-26468 was published Jun 10, 2025

BackendAI Missing Authentication for Critical Function
Critical | CVE-2025-49652 was published for backend.ai (pip) Jun 9, 2025

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an...
Critical | Unreviewed | CVE-2025-3461 was published Jun 8, 2025

In the moPS App through 1.8.618, all users can access administrative API endpoints without...
Critical | Unreviewed | CVE-2024-55585 was published Jun 7, 2025

A missing authentication for critical function vulnerability in the client application of Soar...
Critical | Unreviewed | CVE-2025-5192 was published Jun 6, 2025

The wallet has an authentication bypass vulnerability that allows access to specific pages.
Moderate | Unreviewed | CVE-2025-5719 was published Jun 6, 2025

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to...
Critical | Unreviewed | CVE-2025-1907 was published May 30, 2025

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6...
Critical | Unreviewed | CVE-2025-22252 was published May 28, 2025

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows...
Critical | Unreviewed | CVE-2025-2407 was published May 27, 2025

Due to missing authentication on a critical function of the devices an unauthenticated remote...
Critical | Unreviewed | CVE-2025-41651 was published May 27, 2025

The installer in SIGB PMB before 8.0.1.2 allows remote code execution.
Moderate | Unreviewed | CVE-2025-48742 was published May 27, 2025

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2025-40664 was published May 26, 2025

An unauthenticated remote attacker can access a URL which causes the device to reboot.
High | Unreviewed | CVE-2025-41655 was published May 26, 2025

The embedded web server lacks authentication and access controls, allowing unrestricted remote...
Critical | Unreviewed | CVE-2025-36535 was published May 21, 2025

The devices do not implement any authentication for the web interface or the MQTT server. An...
Moderate | Unreviewed | CVE-2025-27803 was published May 21, 2025

In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue...
Moderate | Unreviewed | CVE-2025-47850 was published May 20, 2025

In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing...
High | Unreviewed | CVE-2025-48391 was published May 20, 2025

Missing authentication for critical function issue exists in I-O DATA network attached hard disk ...
Moderate | Unreviewed | CVE-2025-32738 was published May 15, 2025

A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an...
Moderate | Unreviewed | CVE-2025-0132 was published May 14, 2025

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via...
Critical | Unreviewed | CVE-2024-46506 was published May 13, 2025