GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
580 advisories
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows...
Moderate | Unreviewed | CVE-2026-8487 was published May 20, 2026
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could...
Moderate | Unreviewed | CVE-2025-48516 was published May 15, 2026
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when...
Moderate | Unreviewed | CVE-2026-36742 was published May 13, 2026
Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local...
Moderate | Unreviewed | CVE-2026-21015 was published May 13, 2026
Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32...
Moderate | Unreviewed | CVE-2026-20718 was published May 12, 2026
Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers...
Moderate | Unreviewed | CVE-2026-21013 was published Apr 13, 2026
A container privilege escalation flaw was found in certain Red Hat Process Automation Manager...
Moderate | Unreviewed | CVE-2025-58713 was published Apr 8, 2026
A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images...
Moderate | Unreviewed | CVE-2025-57854 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Web Terminal images. This issue stems...
Moderate | Unreviewed | CVE-2025-57853 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Ansible Automation Platform images....
Moderate | Unreviewed | CVE-2025-57847 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes...
Moderate | Unreviewed | CVE-2025-57851 was published Apr 8, 2026
openclaw-claude-bridge: sandbox is not effective - `--allowed-tools ""` does not restrict available tools
Moderate | CVE-2026-39398 was published for openclaw-claude-bridge (npm) Apr 8, 2026
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows...
Moderate | Unreviewed | CVE-2025-7024 was published Apr 3, 2026
Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool
Moderate | CVE-2026-34450 was published for anthropic (pip) Apr 1, 2026
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper...
Moderate | Unreviewed | CVE-2025-15615 was published Mar 27, 2026
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper...
Moderate | Unreviewed | CVE-2026-32983 was published Mar 27, 2026
In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with...
Moderate | Unreviewed | CVE-2026-0748 was published Mar 27, 2026
OpenClaw session transcript files were created without forced user-only permissions
Moderate | CVE-2026-33572 was published for openclaw (npm) Mar 16, 2026
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to...
Moderate | Unreviewed | CVE-2016-20029 was published Mar 16, 2026
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images...
Moderate | Unreviewed | CVE-2025-8766 was published Mar 13, 2026
A container privilege escalation flaw was found in certain Fuse images. This issue stems from the...
Moderate | Unreviewed | CVE-2025-57849 was published Mar 13, 2026
Multiple i-フィルター products are configured with improper file access permission settings. Files may...
Moderate | Unreviewed | CVE-2026-28267 was published Mar 10, 2026
Local privilege escalation due to improper directory permissions. The following products are...
Moderate | Unreviewed | CVE-2026-28717 was published Mar 6, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1,...
Moderate | Unreviewed | CVE-2026-21423 was published Mar 4, 2026
HP System Event Utility might allow denial of service with elevated arbitrary file writes. This...
Moderate | Unreviewed | CVE-2026-2915 was published Mar 3, 2026