GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,368 advisories
Filter by severity
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to...
High
Unreviewed
CVE-2026-45601
was published
Jun 9, 2026
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a...
High
Unreviewed
CVE-2026-45639
was published
Jun 9, 2026
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges...
High
Unreviewed
CVE-2026-45605
was published
Jun 9, 2026
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges...
High
Unreviewed
CVE-2026-45637
was published
Jun 9, 2026
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute...
High
Unreviewed
CVE-2026-45635
was published
Jun 9, 2026
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering...
Critical
Unreviewed
CVE-2026-45602
was published
Jun 9, 2026
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to...
High
Unreviewed
CVE-2026-45638
was published
Jun 9, 2026
Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to...
Moderate
Unreviewed
CVE-2026-45606
was published
Jun 9, 2026
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information...
Moderate
Unreviewed
CVE-2026-45634
was published
Jun 9, 2026
Improper link resolution before file access ('link following') in Windows Collaborative...
High
Unreviewed
CVE-2026-45586
was published
Jun 9, 2026
Concurrent execution using shared resource with improper synchronization ('race condition') in UI...
High
Unreviewed
CVE-2026-45597
was published
Jun 9, 2026
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to...
High
Unreviewed
CVE-2026-45596
was published
Jun 9, 2026
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to...
High
Unreviewed
CVE-2026-45504
was published
Jun 9, 2026
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a...
High
Unreviewed
CVE-2026-45588
was published
Jun 9, 2026
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to...
Moderate
Unreviewed
CVE-2026-45595
was published
Jun 9, 2026
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to...
High
Unreviewed
CVE-2026-45598
was published
Jun 9, 2026
Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID...
Moderate
Unreviewed
CVE-2026-45594
was published
Jun 9, 2026
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute...
High
Unreviewed
CVE-2026-45599
was published
Jun 9, 2026
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.
High
Unreviewed
CVE-2026-45593
was published
Jun 9, 2026
Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to...
High
Unreviewed
CVE-2026-45592
was published
Jun 9, 2026
Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers...
High
Unreviewed
CVE-2026-45600
was published
Jun 9, 2026
Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an...
High
Unreviewed
CVE-2026-45583
was published
Jun 9, 2026
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to...
Moderate
Unreviewed
CVE-2026-45502
was published
Jun 9, 2026
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to...
High
Unreviewed
CVE-2026-45484
was published
Jun 9, 2026
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft...
Moderate
Unreviewed
CVE-2026-45500
was published
Jun 9, 2026
ProTip!
Advisories are also available from the
GraphQL API