GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,475 advisories
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache...
High | Unreviewed | CVE-2026-49157 was published Jun 1, 2026

An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module...
Low | Unreviewed | CVE-2026-48190 was published Jun 1, 2026

An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above)...
Low | Unreviewed | CVE-2026-48191 was published Jun 1, 2026

Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow...
High | Unreviewed | CVE-2026-33590 was published May 28, 2026

The affected product extracts installation files to a temporary directory with incorrect default...
High | Unreviewed | CVE-2026-44469 was published May 26, 2026

The affected product creates a directory with insecure default permissions during administrative...
High | Unreviewed | CVE-2026-44468 was published May 26, 2026

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that...
High | Unreviewed | CVE-2018-25359 was published May 26, 2026

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through...
High | Unreviewed | CVE-2025-32749 was published May 26, 2026

Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows...
Moderate | Unreviewed | CVE-2026-8487 was published May 20, 2026

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail...
Critical | Unreviewed | CVE-2026-47107 was published May 19, 2026

Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could...
Moderate | Unreviewed | CVE-2025-48516 was published May 15, 2026

Incorrect default permissions in the installation directory for the AMD chipset driver could...
High | Unreviewed | CVE-2026-0432 was published May 15, 2026

Incorrect default permissions in the installation directory for the AMD general-purpose input...
High | Unreviewed | CVE-2025-48512 was published May 15, 2026

Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP...
Low | Unreviewed | CVE-2026-27680 was published May 14, 2026

Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when...
Moderate | Unreviewed | CVE-2026-36742 was published May 13, 2026

Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local...
Moderate | Unreviewed | CVE-2026-21015 was published May 13, 2026

Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32...
Moderate | Unreviewed | CVE-2026-20718 was published May 12, 2026

Spring AI: ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage
High | CVE-2026-41712 was published for org.springframework.ai:spring-ai-advisors-vector-store (Maven) May 12, 2026

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local...
High | Unreviewed | CVE-2026-0539 was published Apr 22, 2026

HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration...
High | Unreviewed | CVE-2026-6823 was published Apr 21, 2026

HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including ...
High | Unreviewed | CVE-2026-6819 was published Apr 21, 2026

SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation...
High | Unreviewed | CVE-2026-39454 was published Apr 20, 2026

Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration...
High | Unreviewed | CVE-2026-30811 was published Apr 13, 2026

Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers...
Moderate | Unreviewed | CVE-2026-21013 was published Apr 13, 2026

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability...
High | Unreviewed | CVE-2026-25203 was published Apr 10, 2026