Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,891
Erlang
24
GitHub Actions
39
Go
2,240
Maven
2,698
npm
2,899
NuGet
500
pip
2,728
Pub
5
RubyGems
364
Rust
889
Swift
19
Unreviewed advisories
All unreviewed
5,000+

124 advisories

Loading
n8n has a Guardrail Node Bypass Moderate
GHSA-fvfv-ppw4-7h2w was published for n8n (npm) Feb 26, 2026
akirilov Credited to akirilov
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP... Moderate Unreviewed
CVE-2026-0620 was published Feb 3, 2026
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for... Moderate Unreviewed
CVE-2026-1232 was published Feb 2, 2026
TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF) Moderate
GHSA-gpx9-96j6-pp87 was published for agentos-taskweaver (pip) Jan 28, 2026
nnfrog Credited to nnfrog
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-20824 was published Jan 13, 2026
A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip... Moderate Unreviewed
CVE-2025-15422 was published Jan 2, 2026
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal ... Moderate Unreviewed
CVE-2025-59849 was published Dec 17, 2025
The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism... Moderate Unreviewed
CVE-2025-34412 was published Dec 15, 2025
In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the... Moderate Unreviewed
CVE-2025-36938 was published Dec 11, 2025
HTTP/HTTPS Traffic Interception Bypass in mad-proxy Moderate
CVE-2025-67485 was published for mad-proxy (pip) Dec 9, 2025
machphy Credited to machphy
Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass... Moderate Unreviewed
CVE-2025-29864 was published Dec 3, 2025
The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass... Moderate Unreviewed
CVE-2025-11260 was published Nov 13, 2025
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an... Moderate Unreviewed
CVE-2025-62453 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001... Moderate Unreviewed
CVE-2025-24834 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001... Moderate Unreviewed
CVE-2025-24848 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may... Moderate Unreviewed
CVE-2025-26402 was published Nov 11, 2025
Collision in MiniFilter driver in Avast Software Avast Free Antivirus  before 25.9  on Windows... Moderate Unreviewed
CVE-2025-10905 was published Nov 11, 2025
Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-12906 was published Nov 8, 2025
Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-12909 was published Nov 8, 2025
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-60711 was published Oct 31, 2025
Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Moderate Unreviewed
CVE-2025-12554 was published Oct 31, 2025
The OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) plugin for... Moderate Unreviewed
CVE-2025-12094 was published Oct 31, 2025
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a... Moderate Unreviewed
CVE-2025-54917 was published Sep 9, 2025
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent... Moderate Unreviewed
CVE-2025-48554 was published Sep 4, 2025
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard... Moderate Unreviewed
CVE-2025-20347 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database