Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,820
Maven
5,000+
npm
4,444
NuGet
774
pip
4,215
Pub
12
RubyGems
970
Rust
1,089
Swift
47
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

285,433 advisories

Loading
Authenticated command injection vulnerabilities exist in the web-based management interface of... High Unreviewed
CVE-2025-37172 was published Jan 13, 2026
An arbitrary file deletion vulnerability has been identified in the command-line interface of... Moderate Unreviewed
CVE-2025-37177 was published Jan 13, 2026
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation... High Unreviewed
CVE-2026-21272 was published Jan 13, 2026
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2026-21299 was published Jan 13, 2026
Substance3D - Designer versions 15.0.3 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21308 was published Jan 13, 2026
Authenticated command injection vulnerabilities exist in the web-based management interface of... High Unreviewed
CVE-2025-37170 was published Jan 13, 2026
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to... Moderate Unreviewed
CVE-2026-0531 was published Jan 13, 2026
Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2026-21305 was published Jan 13, 2026
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for... Moderate Unreviewed
CVE-2025-37178 was published Jan 13, 2026
A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking... High Unreviewed
CVE-2025-37186 was published Jan 13, 2026
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to... Moderate Unreviewed
CVE-2026-0530 was published Jan 13, 2026
Authenticated arbitrary file write vulnerability exists in the web-based management interface of... High Unreviewed
CVE-2025-37174 was published Jan 13, 2026
Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2026-21307 was published Jan 13, 2026
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21303 was published Jan 13, 2026
Arbitrary file upload vulnerability exists in the web-based management interface of mobility... High Unreviewed
CVE-2025-37175 was published Jan 13, 2026
Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-21300 was published Jan 13, 2026
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2026-21277 was published Jan 13, 2026
Improper Input Validation (CWE-20) in Kibana's Email Connector can allow an attacker to cause an... Moderate Unreviewed
CVE-2026-0543 was published Jan 13, 2026
Arbitrary file deletion vulnerability have been identified in a system function of mobility... High Unreviewed
CVE-2025-37168 was published Jan 13, 2026
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation... High Unreviewed
CVE-2026-21268 was published Jan 13, 2026
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21280 was published Jan 13, 2026
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation... High Unreviewed
CVE-2026-21271 was published Jan 13, 2026
Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-21288 was published Jan 13, 2026
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2026-21281 was published Jan 13, 2026
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of... High Unreviewed
CVE-2026-21267 was published Jan 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database