GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
348,257 advisories
Filter by severity
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2026-40409
was published
Jun 9, 2026
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to...
High
Unreviewed
CVE-2026-34335
was published
Jun 9, 2026
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate...
High
Unreviewed
CVE-2026-40376
was published
Jun 9, 2026
Issue Summary: The PKCS#12 file processing fails to perform sufficient input
validation for files...
High
Unreviewed
CVE-2026-34181
was published
Jun 9, 2026
Issue Summary: Cryptographic Message Services (CMS) processing fails to perform
sufficient input...
Critical
Unreviewed
CVE-2026-34182
was published
Jun 9, 2026
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on...
High
Unreviewed
CVE-2026-40371
was published
Jun 9, 2026
Unauthenticated users on the local network can cause the router to become unavailable by sending...
Moderate
Unreviewed
CVE-2026-3088
was published
Jun 9, 2026
A vulnerability in which an attacker can provide a crafted external URL that may redirect a user...
Moderate
Unreviewed
CVE-2026-28301
was published
Jun 9, 2026
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM...
Moderate
Unreviewed
CVE-2026-34692
was published
Jun 9, 2026
NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based...
High
Unreviewed
CVE-2026-24180
was published
Jun 9, 2026
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate...
High
Unreviewed
CVE-2026-33828
was published
Jun 9, 2026
NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper...
High
Unreviewed
CVE-2026-24181
was published
Jun 9, 2026
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure...
High
Unreviewed
CVE-2026-32193
was published
Jun 9, 2026
DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.
Critical
Unreviewed
CVE-2026-38615
was published
Jun 9, 2026
Issue summary: Remote peer may exhaust heap memory of the QUIC
server or client by flooding it...
High
Unreviewed
CVE-2026-34183
was published
Jun 9, 2026
Issue summary: A malicious server can exploit TLS OCSP stapling by delivering
a crafted response...
Moderate
Unreviewed
CVE-2026-35188
was published
Jun 9, 2026
Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive
element whose...
High
Unreviewed
CVE-2026-34180
was published
Jun 9, 2026
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft...
Moderate
Unreviewed
CVE-2026-33113
was published
Jun 9, 2026
Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to...
Critical
Unreviewed
CVE-2026-26142
was published
Jun 9, 2026
Insufficient configuration management in the listed devices allows authenticated administrators...
Moderate
Unreviewed
CVE-2026-0418
was published
Jun 9, 2026
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability.
High
Unreviewed
CVE-2026-22926
was published
Jun 9, 2026
CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could...
High
Unreviewed
CVE-2026-8045
was published
Jun 9, 2026
Authenticated administrators connected to the local network can modify router functionality...
Moderate
Unreviewed
CVE-2026-0416
was published
Jun 9, 2026
Insufficient input validation vulnerability in NETGEAR devices allows
authenticated...
Moderate
Unreviewed
CVE-2026-0417
was published
Jun 9, 2026
Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual...
Moderate
Unreviewed
CVE-2026-0412
was published
Jun 9, 2026
ProTip!
Advisories are also available from the
GraphQL API