Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

585 advisories

Loading
A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an... High Unreviewed
CVE-2025-13433 was published Nov 20, 2025
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21923 was published Nov 23, 2025
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21922 was published Nov 23, 2025
The Firefox installer on Windows can be made to load malicious DLL files stored in the same... High Unreviewed
CVE-2017-7755 was published May 14, 2022
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to... Moderate Unreviewed
CVE-2025-49642 was published Dec 1, 2025
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted... High Unreviewed
CVE-2024-12168 was published Jun 2, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64785 was published Dec 9, 2025
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities... High Unreviewed
CVE-2019-25257 was published Dec 24, 2025
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.0 allows an... High Unreviewed
CVE-2025-12819 was published Dec 3, 2025
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-20943 was published Jan 13, 2026
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21280 was published Jan 13, 2026
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local... High Unreviewed
CVE-2025-12793 was published Jan 6, 2026
pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip) Moderate
CVE-2026-23888 was published for pnpm (npm) Jan 26, 2026
mldangelo Credited to mldangelo and mgol mgol mgol
During the installation of the Native Access application, a privileged helper `com.native... High Unreviewed
CVE-2026-24070 was published Feb 2, 2026
An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in... Critical Unreviewed
CVE-2025-65078 was published Feb 3, 2026
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead... High Unreviewed
CVE-2026-0662 was published Feb 4, 2026
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS ... Moderate Unreviewed
CVE-2025-13491 was published Feb 5, 2026
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the... High Unreviewed
CVE-2025-15569 was published Feb 10, 2026
Tanium addressed an improper input validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15321 was published Feb 5, 2026
SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal High
CVE-2026-25992 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 28, 2026
EaEa0001 Credited to EaEa0001
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit... High Unreviewed
CVE-2026-2516 was published Feb 15, 2026
A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability... High Unreviewed
CVE-2026-2542 was published Feb 16, 2026
A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25.... High Unreviewed
CVE-2026-2538 was published Feb 16, 2026
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local... High Unreviewed
CVE-2026-2998 was published Feb 23, 2026
A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file... High Unreviewed
CVE-2025-12286 was published Oct 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database