Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
57
GitHub Actions
50
Go
3,767
Maven
5,000+
npm
5,000+
NuGet
937
pip
4,999
Pub
13
RubyGems
1,058
Rust
1,347
Swift
54
Unreviewed advisories
All unreviewed
5,000+

129 advisories

Loading
Memory corruption while processing IOCTL command when device is in power-save state. Moderate Unreviewed
CVE-2026-25266 was published May 4, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9,... High Unreviewed
CVE-2026-5173 was published Apr 9, 2026
The CrewAI CodeInterpreter tool falls back to SandboxPython when it cannot reach Docker, which... Critical Unreviewed
CVE-2026-2275 was published Mar 30, 2026
An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated... High Unreviewed
CVE-2026-3483 was published Mar 10, 2026
OneUptime has Synthetic Monitor RCE via exposed Playwright browser object Critical
CVE-2026-30957 was published for @oneuptime/common (npm) Mar 10, 2026
maru1009 Credited to maru1009
OneUptime: Synthetic Monitor RCE via exposed Playwright browser object Critical
CVE-2026-30921 was published for @oneuptime/common (npm) Mar 7, 2026
maru1009 Credited to maru1009
Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows... Critical Unreviewed
CVE-2026-30797 was published Mar 5, 2026
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This... High Unreviewed
CVE-2026-20423 was published Mar 2, 2026
OpenS100 (the reference implementation S-100 viewer) prior to commit 753cf29 contain a remote... Critical Unreviewed
CVE-2026-22208 was published Feb 17, 2026
Milvus: Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise Critical
CVE-2026-26190 was published for github.com/milvus-io/milvus (Go) Feb 11, 2026
0x1f Credited to 0x1f
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing... High Unreviewed
CVE-2025-47366 was published Feb 2, 2026
OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution High
CVE-2026-22812 was published for opencode-ai (npm) Jan 13, 2026
CyberShadow Credited to CyberShadow
Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools High
CVE-2025-9611 was published for @playwright/mcp (npm) Jan 7, 2026
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write High
CVE-2025-68697 was published for n8n (npm) Dec 26, 2025
berkdedekarginoglu Credited to berkdedekarginoglu
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14497 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14494 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14496 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14495 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14492 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14490 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14489 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14491 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14488 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14493 was published Dec 24, 2025
Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in... Moderate Unreviewed
CVE-2025-59788 was published Dec 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database