Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

969 advisories

Loading
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2... High Unreviewed
CVE-2025-69784 was published Mar 16, 2026
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only) High
CVE-2024-27303 was published for app-builder-lib (npm) Mar 4, 2024
bruno-1337 Credited to bruno-1337
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to... High Unreviewed
CVE-2026-2713 was published Mar 10, 2026
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the... Moderate Unreviewed
CVE-2026-24317 was published Mar 10, 2026
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries ... High Unreviewed
CVE-2026-30896 was published Mar 9, 2026
OpenClaw: Command hijacking via unsafe PATH handling (bootstrapping + node-host PATH overrides) High
CVE-2026-29610 was published for openclaw (npm) Feb 18, 2026
akhmittra Credited to akhmittra
OpenClaw's hook transform module path allows traversal and arbitrary JavaScript module loading High
CVE-2026-28393 was published for openclaw (npm) Mar 3, 2026
akhmittra Credited to akhmittra
OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway High
CVE-2026-28456 was published for openclaw (npm) Feb 18, 2026
222n5 Credited to 222n5
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2025-11792 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28711 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28712 was published Mar 6, 2026
Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows High
CVE-2025-15558 was published for github.com/docker/cli (Go) Mar 5, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1,... Moderate Unreviewed
CVE-2026-22270 was published Mar 4, 2026
Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search... High Unreviewed
CVE-2026-24502 was published Mar 3, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26098 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26099 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26097 was published Feb 20, 2026
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL... High Unreviewed
CVE-2026-25191 was published Feb 26, 2026
The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely... High Unreviewed
CVE-2026-24016 was published Jan 21, 2026
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672... Moderate Unreviewed
CVE-2026-3091 was published Feb 24, 2026
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path... High Unreviewed
CVE-2026-21420 was published Feb 23, 2026
Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to... High Unreviewed
CVE-2023-0213 was published Mar 29, 2023
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation... High Unreviewed
CVE-2026-2040 was published Feb 21, 2026
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability... High Unreviewed
CVE-2026-2492 was published Feb 21, 2026
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue... High Unreviewed
CVE-2026-26050 was published Feb 20, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database