Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

476 advisories

Loading
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21333 was published Mar 11, 2026
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-25190 was published Mar 10, 2026
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function... High Unreviewed
CVE-2026-3787 was published Mar 9, 2026
OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks High
GHSA-g75x-8qqm-2vxp was published for openclaw (npm) Mar 3, 2026
jackhax Credited to jackhax
OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind High
GHSA-q399-23r3-hfx4 was published for openclaw (npm) Mar 2, 2026
tdjackey Credited to tdjackey
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local... High Unreviewed
CVE-2026-2998 was published Feb 23, 2026
A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability... High Unreviewed
CVE-2026-2542 was published Feb 16, 2026
A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25.... High Unreviewed
CVE-2026-2538 was published Feb 16, 2026
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit... High Unreviewed
CVE-2026-2516 was published Feb 15, 2026
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the... High Unreviewed
CVE-2025-15569 was published Feb 10, 2026
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead... High Unreviewed
CVE-2026-0662 was published Feb 4, 2026
OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking High
CVE-2026-24051 was published for go.opentelemetry.io/otel/sdk (Go) Feb 2, 2026
MorielHarush Credited to MorielHarush, pellared, and arminru pellared pellared
arminru arminru
During the installation of the Native Access application, a privileged helper `com.native... High Unreviewed
CVE-2026-24070 was published Feb 2, 2026
SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal High
CVE-2026-25992 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 28, 2026
EaEa0001 Credited to EaEa0001
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21280 was published Jan 13, 2026
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-20943 was published Jan 13, 2026
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local... High Unreviewed
CVE-2025-12793 was published Jan 6, 2026
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities... High Unreviewed
CVE-2019-25257 was published Dec 24, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64785 was published Dec 9, 2025
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.0 allows an... High Unreviewed
CVE-2025-12819 was published Dec 3, 2025
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21923 was published Nov 23, 2025
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21922 was published Nov 23, 2025
A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an... High Unreviewed
CVE-2025-13433 was published Nov 20, 2025
Untrusted search path in Windows Administrator Protection allows an authorized attacker to... High Unreviewed
CVE-2025-60718 was published Nov 11, 2025
Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed... High Unreviewed
CVE-2024-14012 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database