Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,134
Maven
5,000+
npm
5,000+
NuGet
1,013
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,419
Swift
61
Unreviewed advisories
All unreviewed
5,000+

3,653 advisories

Loading
A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function... High Unreviewed
CVE-2026-10872 was published Jun 5, 2026
A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the... High Unreviewed
CVE-2026-10871 was published Jun 5, 2026
A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the... High Unreviewed
CVE-2026-10870 was published Jun 4, 2026
MCP-for-Stata: Command injection via log_file_name parameter in Stata command wrapper Critical
CVE-2026-47708 was published for stata-mcp (pip) Jun 4, 2026
SepineTam Credited to SepineTam
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows... Critical Unreviewed
CVE-2026-8037 was published Jun 4, 2026
launch-editor vulnerable to command injection via the crafted request on Windows High
CVE-2024-52011 was published for launch-editor (npm) Jun 3, 2026
Ry0taK Credited to Ry0taK
A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an... Low Unreviewed
CVE-2026-10279 was published Jun 1, 2026
A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file... Moderate Unreviewed
CVE-2026-10273 was published Jun 1, 2026
A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function... Moderate Unreviewed
CVE-2026-10219 was published Jun 1, 2026
A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the... Moderate Unreviewed
CVE-2026-10214 was published Jun 1, 2026
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on... Critical Unreviewed
CVE-2026-49199 was published May 29, 2026
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and... High Unreviewed
CVE-2026-49196 was published May 29, 2026
A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302... Critical Unreviewed
CVE-2026-38707 was published May 28, 2026
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302... Critical Unreviewed
CVE-2026-38704 was published May 28, 2026
A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302... Critical Unreviewed
CVE-2026-38703 was published May 28, 2026
A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302... Critical Unreviewed
CVE-2026-38702 was published May 28, 2026
An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1... High Unreviewed
CVE-2026-5509 was published May 27, 2026
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands... High Unreviewed
CVE-2025-69600 was published May 27, 2026
Command injection in Raynet rvia version 12.6.4392.49-amd64.deb allows adversaries to execute... High Unreviewed
CVE-2026-38945 was published May 27, 2026
Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the ... High Unreviewed
CVE-2026-36540 was published May 27, 2026
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in... High Unreviewed
CVE-2026-48694 was published May 26, 2026
A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function... Low Unreviewed
CVE-2026-9565 was published May 26, 2026
luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns... High Unreviewed
CVE-2026-46368 was published May 26, 2026
A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function... High Unreviewed
CVE-2026-9543 was published May 26, 2026
gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing... High Unreviewed
CVE-2026-40034 was published May 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database