Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

1,034 advisories

Loading
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672... Moderate Unreviewed
CVE-2026-3091 was published Feb 24, 2026
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path... High Unreviewed
CVE-2026-21420 was published Feb 23, 2026
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation... High Unreviewed
CVE-2026-2040 was published Feb 21, 2026
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability... High Unreviewed
CVE-2026-2492 was published Feb 21, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26098 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26097 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26099 was published Feb 20, 2026
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue... High Unreviewed
CVE-2026-26050 was published Feb 20, 2026
OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway High
CVE-2026-28456 was published for openclaw (npm) Feb 18, 2026
222n5 Credited to 222n5
OpenClaw: Command hijacking via unsafe PATH handling (bootstrapping + node-host PATH overrides) High
CVE-2026-29610 was published for openclaw (npm) Feb 18, 2026
akhmittra Credited to akhmittra
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-54519 was published Feb 12, 2026
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which... High Unreviewed
CVE-2026-25676 was published Feb 12, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2360 was published Feb 11, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2361 was published Feb 11, 2026
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-52541 was published Feb 11, 2026
A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve... High Unreviewed
CVE-2025-48503 was published Feb 11, 2026
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User... Moderate Unreviewed
CVE-2025-32452 was published Feb 10, 2026
Uncontrolled search path in some software installer for some VTune(TM) Profiler software and... Moderate Unreviewed
CVE-2025-20106 was published Feb 10, 2026
A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) ... High Unreviewed
CVE-2026-25656 was published Feb 10, 2026
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected... High Unreviewed
CVE-2026-25655 was published Feb 10, 2026
The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link... High Unreviewed
CVE-2026-24694 was published Feb 3, 2026
PsySH has Local Privilege Escalation via CWD .psysh.php auto-load Moderate
CVE-2026-25129 was published for psy/psysh (Composer) Jan 30, 2026
aqhmal Credited to aqhmal
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be... Moderate Unreviewed
CVE-2025-13919 was published Jan 28, 2026
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which... Moderate Unreviewed
CVE-2026-21408 was published Jan 27, 2026
DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows... High Unreviewed
CVE-2025-30248 was published Jan 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database