Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

125,465 advisories

Loading
@joplin/onenote-converter: Path traversal in OneNote importer allows overwriting arbitrary files High
CVE-2026-22810 was published for @joplin/onenote-converter (npm) May 15, 2026
msiemens Credited to msiemens
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools... High Unreviewed
CVE-2026-34253 was published May 15, 2026
An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of... High Unreviewed
CVE-2026-38728 was published May 15, 2026
Oinone Pamirs 7.0.0 contains a command injection vulnerability in CommandHelper.executeCommands.... High Unreviewed
CVE-2026-39054 was published May 15, 2026
Permission control vulnerability in the web. Impact: Successful exploitation of this... High Unreviewed
CVE-2026-41964 was published May 15, 2026
SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream (reading... High Unreviewed
CVE-2026-44088 was published May 15, 2026
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2026-4094 was published May 15, 2026
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in... High Unreviewed
CVE-2026-6228 was published May 15, 2026
The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and... High Unreviewed
CVE-2026-6403 was published May 15, 2026
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an... High Unreviewed
CVE-2026-41702 was published May 15, 2026
Improper input validation in Delphix Continuous Data connectors allows an authenticated user to... High Unreviewed
CVE-2026-8654 was published May 15, 2026
Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for... High Unreviewed
CVE-2026-28761 was published May 15, 2026
Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious... High Unreviewed
CVE-2024-36334 was published May 15, 2026
A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve... High Unreviewed
CVE-2024-36333 was published May 15, 2026
Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine ... High Unreviewed
CVE-2024-36323 was published May 15, 2026
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products... High Unreviewed
CVE-2025-54518 was published May 15, 2026
A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to... High Unreviewed
CVE-2026-2652 was published May 15, 2026
An unchecked return value within the AMD Platform Management Framework (PMF) could allow an... High Unreviewed
CVE-2025-0028 was published May 15, 2026
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows users to... High Unreviewed
CVE-2026-7373 was published May 15, 2026
Improper input validation within the AMD Platform Management Framework (PMF) could allow an... High Unreviewed
CVE-2025-29936 was published May 15, 2026
An out of bounds write within the AMD Platform Management Framework (PMF) could allow an attacker... High Unreviewed
CVE-2025-29935 was published May 15, 2026
An unchecked return value within the AMD Platform Management Framework (PMF) could allow an... High Unreviewed
CVE-2025-29938 was published May 15, 2026
Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to... High Unreviewed
CVE-2025-54517 was published May 15, 2026
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary... High Unreviewed
CVE-2024-21962 was published May 15, 2026
Incorrect default permissions in the installation directory for the AMD general-purpose input... High Unreviewed
CVE-2025-48512 was published May 15, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database