Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

939 advisories

Loading
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2... High Unreviewed
CVE-2025-69784 was published Mar 16, 2026
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to... High Unreviewed
CVE-2026-2713 was published Mar 10, 2026
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the... Moderate Unreviewed
CVE-2026-24317 was published Mar 10, 2026
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries ... High Unreviewed
CVE-2026-30896 was published Mar 9, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28711 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28712 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2025-11792 was published Mar 6, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1,... Moderate Unreviewed
CVE-2026-22270 was published Mar 4, 2026
Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search... High Unreviewed
CVE-2026-24502 was published Mar 3, 2026
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL... High Unreviewed
CVE-2026-25191 was published Feb 26, 2026
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672... Moderate Unreviewed
CVE-2026-3091 was published Feb 24, 2026
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path... High Unreviewed
CVE-2026-21420 was published Feb 23, 2026
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability... High Unreviewed
CVE-2026-2492 was published Feb 21, 2026
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation... High Unreviewed
CVE-2026-2040 was published Feb 21, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26099 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26097 was published Feb 20, 2026
Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration... High Unreviewed
CVE-2026-26098 was published Feb 20, 2026
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue... High Unreviewed
CVE-2026-26050 was published Feb 20, 2026
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-54519 was published Feb 12, 2026
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which... High Unreviewed
CVE-2026-25676 was published Feb 12, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2361 was published Feb 11, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2360 was published Feb 11, 2026
A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve... High Unreviewed
CVE-2025-48503 was published Feb 11, 2026
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-52541 was published Feb 11, 2026
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User... Moderate Unreviewed
CVE-2025-32452 was published Feb 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database