GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
988 advisories
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that...
High | Unreviewed | CVE-2026-34632 was published Apr 15, 2026
During an internal security assessment, a potential vulnerability was discovered in Lenovo...
High | Unreviewed | CVE-2026-4134 was published Apr 15, 2026
A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain...
Moderate | Unreviewed | CVE-2026-1636 was published Apr 15, 2026
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2026-5055 was published Apr 11, 2026
KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation...
High | Unreviewed | CVE-2026-4158 was published Apr 11, 2026
Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the...
High | Unreviewed | CVE-2026-28704 was published Apr 10, 2026
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5...
High | Unreviewed | CVE-2026-30478 was published Apr 9, 2026
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and...
High | Unreviewed | CVE-2026-40031 was published Apr 9, 2026
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security...
High | Unreviewed | CVE-2025-14821 was published Apr 7, 2026
OpenClaw: Incomplete host-env-security-policy allows untrusted model to substitute compiler binaries via env overrides
High | GHSA-g8xp-qx39-9jq9 was published for openclaw (npm) Apr 3, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-27774 was published Apr 2, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-28728 was published Apr 2, 2026
The application's update service, when checking for updates, loads certain system libraries from...
High | Unreviewed | CVE-2026-3775 was published Apr 1, 2026
openssl-encrypt: Dynamic .so loading for Whirlpool uses broad glob pattern without integrity verification
Moderate | GHSA-j48q-4c78-rhf9 was published for openssl-encrypt (pip) Mar 31, 2026
Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe)...
Moderate | Unreviewed | CVE-2026-22561 was published Mar 31, 2026
The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load...
High | Unreviewed | CVE-2026-28760 was published Mar 26, 2026
The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely loads Dynamic...
High | Unreviewed | CVE-2026-26306 was published Mar 25, 2026
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2...
High | Unreviewed | CVE-2025-69784 was published Mar 16, 2026
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to...
High | Unreviewed | CVE-2026-2713 was published Mar 10, 2026
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the...
Moderate | Unreviewed | CVE-2026-24317 was published Mar 10, 2026
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries ...
High | Unreviewed | CVE-2026-30896 was published Mar 9, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-28712 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-28711 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
High | Unreviewed | CVE-2025-11792 was published Mar 6, 2026
Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows
High | CVE-2025-15558 was published for github.com/docker/cli (Go) Mar 5, 2026
ProTip! Advisories are also available from the GraphQL API.