Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

415 advisories

Loading
OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that... Moderate Unreviewed
CVE-2026-27670 was published Mar 19, 2026
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference... Moderate Unreviewed
CVE-2025-22850 was published Mar 11, 2026
Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference... High Unreviewed
CVE-2025-20028 was published Mar 11, 2026
If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS... High Unreviewed
CVE-2026-2364 was published Mar 10, 2026
Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the... High Unreviewed
CVE-2026-27750 was published Mar 5, 2026
In MDDP, there is a possible system crash due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2026-20445 was published Mar 2, 2026
In MAE, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2026-20438 was published Mar 2, 2026
A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data... Low Unreviewed
CVE-2026-21725 was published Feb 25, 2026
In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races... Moderate Unreviewed
CVE-2026-23212 was published Feb 18, 2026
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while... Moderate Unreviewed
CVE-2025-71225 was published Feb 18, 2026
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that... High Unreviewed
CVE-2026-26224 was published Feb 13, 2026
A race condition was addressed with improved handling of symbolic links. This issue is fixed in... Critical Unreviewed
CVE-2026-20677 was published Feb 12, 2026
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow... High Unreviewed
CVE-2023-31324 was published Feb 11, 2026
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow... High Unreviewed
CVE-2023-20548 was published Feb 11, 2026
A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow... Moderate Unreviewed
CVE-2024-36311 was published Feb 10, 2026
Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized... High Unreviewed
CVE-2026-21240 was published Feb 10, 2026
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET... High Unreviewed
CVE-2025-13818 was published Feb 6, 2026
It was found that the XPC service offered by the privileged helper of Native Access uses the PID... Critical Unreviewed
CVE-2026-24071 was published Feb 2, 2026
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10,... Low Unreviewed
CVE-2026-22281 was published Jan 22, 2026
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC... Moderate Unreviewed
CVE-2026-21912 was published Jan 15, 2026
Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized... High Unreviewed
CVE-2026-20816 was published Jan 13, 2026
Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for... High Unreviewed
CVE-2026-20831 was published Jan 13, 2026
Memory corruption while handling sensor utility operations. Moderate Unreviewed
CVE-2025-47344 was published Jan 7, 2026
Memory corruption while processing a config call from userspace. Moderate Unreviewed
CVE-2025-47332 was published Jan 7, 2026
A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5... High Unreviewed
CVE-2025-61037 was published Dec 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database