GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 61; GitHub Actions 50; Go 3,818; Maven 5,000+; npm 5,000+; NuGet 939; pip 5,000+; Pub 13; RubyGems 1,059; Rust 1,355; Swift 54
Unreviewed advisories: All unreviewed 5,000+
1,011 advisories
Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged...
High. Unreviewed. CVE-2025-62628 was published May 14, 2026.

Privilege escalation in the mk_mysql agent plugin on Windows in Checkmk <2.4.0p29, <2.3.0p47, and...
Moderate. Unreviewed. CVE-2024-47091 was published May 13, 2026.

Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic...
High. Unreviewed. CVE-2026-44612 was published May 13, 2026.

Uncontrolled search path for some Intel(R) Connectivity Performance Suite software installers...
Moderate. Unreviewed. CVE-2026-20772 was published May 12, 2026.

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3...
Moderate. Unreviewed. CVE-2025-36515 was published May 12, 2026.

Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version...
Moderate. Unreviewed. CVE-2025-35969 was published May 12, 2026.

OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled...
High. Unreviewed. CVE-2026-45004 was published May 11, 2026.

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control...
Critical. Unreviewed. CVE-2025-69599 was published May 8, 2026.

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since...
Moderate. Unreviewed. CVE-2026-44406 was published May 7, 2026.

There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview....
Moderate. Unreviewed. CVE-2026-40004 was published May 7, 2026.

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows...
High. Unreviewed. CVE-2026-21661 was published May 6, 2026.

Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using...
High. Unreviewed. CVE-2026-6788 was published May 6, 2026.

OpenClaw: Workspace dotenv files cannot override connector endpoint hosts
Moderate. GHSA-55cf-xx38-4p9p was published for openclaw (npm) May 4, 2026.

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate. Unreviewed. CVE-2026-25852 was published Apr 29, 2026.

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated...
High. Unreviewed. CVE-2026-7279 was published Apr 28, 2026.

OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config
Moderate. GHSA-mj59-h3q9-ghfh was published for openclaw (npm) Apr 25, 2026.

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp...
High. Unreviewed. CVE-2026-42171 was published Apr 25, 2026.

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to...
High. Unreviewed. CVE-2026-32172 was published Apr 24, 2026.

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak...
Moderate. Unreviewed. CVE-2025-10549 was published Apr 23, 2026.

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely...
High. Unreviewed. CVE-2026-34488 was published Apr 23, 2026.

The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and...
High. Unreviewed. CVE-2026-32679 was published Apr 23, 2026.

It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power...
High. Unreviewed. CVE-2026-5397 was published Apr 17, 2026.

Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable...
High. Unreviewed. CVE-2026-22619 was published Apr 16, 2026.

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that...
High. Unreviewed. CVE-2026-34632 was published Apr 15, 2026.

A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain...
Moderate. Unreviewed. CVE-2026-1636 was published Apr 15, 2026.

ProTip! Advisories are also available from the GraphQL API.