Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,760
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9,... High Unreviewed
CVE-2026-5173 was published Apr 9, 2026
An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a local authenticated... High Unreviewed
CVE-2026-3483 was published Mar 10, 2026
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This... High Unreviewed
CVE-2026-20423 was published Mar 2, 2026
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing... High Unreviewed
CVE-2025-47366 was published Feb 2, 2026
OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution High
CVE-2026-22812 was published for opencode-ai (npm) Jan 13, 2026
CyberShadow Credited to CyberShadow
Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools High
CVE-2025-9611 was published for @playwright/mcp (npm) Jan 7, 2026
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write High
CVE-2025-68697 was published for n8n (npm) Dec 26, 2025
berkdedekarginoglu Credited to berkdedekarginoglu
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14495 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14494 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14497 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14496 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14493 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14490 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14489 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14491 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14492 was published Dec 24, 2025
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-14488 was published Dec 24, 2025
Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode High
CVE-2025-64443 was published for github.com/docker/mcp-gateway (Go) Dec 3, 2025
JLLeitschuh Credited to JLLeitschuh
Memory corruption while processing request sent from GVM. High Unreviewed
CVE-2025-47353 was published Nov 4, 2025
A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an... High Unreviewed
CVE-2025-37097 was published Jul 1, 2025
filebrowser Allows Shell Commands to Spawn Other Commands High
CVE-2025-52903 was published for github.com/filebrowser/filebrowser (Go) Jun 27, 2025
mtausig Credited to mtausig and hacdias hacdias hacdias
WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-5748 was published Jun 6, 2025
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
Cryptographic issues while generating an asymmetric key pair for RKP use cases. High Unreviewed
CVE-2024-43065 was published Apr 7, 2025
Exposed Dangerous Method or Function vulnerability in PTT Inc. HGS Mobile App allows Manipulating... High Unreviewed
CVE-2024-12651 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database