GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47...
High
Unreviewed
CVE-2026-14114
was published
Jul 1, 2026
OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing...
High
Unreviewed
CVE-2026-53829
was published
Jun 13, 2026
Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a...
High
Unreviewed
CVE-2026-11175
was published
Jun 5, 2026
Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53...
High
Unreviewed
CVE-2026-11172
was published
Jun 5, 2026
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to...
High
Unreviewed
CVE-2026-0093
was published
Jun 2, 2026
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into...
High
Unreviewed
CVE-2026-0094
was published
Jun 2, 2026
In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into...
High
Unreviewed
CVE-2026-0096
was published
Jun 2, 2026
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers...
High
Unreviewed
CVE-2019-25718
was published
Jun 2, 2026
In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security...
High
Unreviewed
CVE-2026-0088
was published
Jun 2, 2026
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
High
Unreviewed
CVE-2026-8964
was published
May 19, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is...
High
Unreviewed
CVE-2025-46311
was published
May 12, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is...
High
Unreviewed
CVE-2026-28964
was published
May 11, 2026
Duplicate Advisory: OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv
High
GHSA-w8rf-7qf8-65ww
was published
for
openclaw
(npm)
Mar 31, 2026
•
withdrawn
OpenClaw macOS deep link confirmation truncation can conceal executed agent message
High
CVE-2026-26320
was published
for
openclaw
(npm)
Feb 17, 2026
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that...
High
Unreviewed
CVE-2025-11720
was published
Oct 14, 2025
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2025-9491
was published
Aug 26, 2025
A clickjacking issue was addressed with improved out-of-process view handling. This issue is...
High
Unreviewed
CVE-2024-54558
was published
Mar 10, 2025
There is an improper interface design vulnerability in Huawei product. A module interface of the...
High
Unreviewed
CVE-2020-9236
was published
Dec 27, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows...
High
Unreviewed
CVE-2024-52271
was published
Dec 5, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign...
High
Unreviewed
CVE-2024-52270
was published
Dec 5, 2024
** INITIAL LIMITED RELEASE **
User Interface (UI) Misrepresentation of Critical Information...
High
Unreviewed
CVE-2024-52276
was published
Dec 4, 2024
** INITIAL LIMITED RELEASE **
User Interface (UI) Misrepresentation of Critical Information...
High
Unreviewed
CVE-2024-52269
was published
Dec 4, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal allows...
High
Unreviewed
CVE-2024-52277
was published
Dec 4, 2024
Microsoft Exchange Server Spoofing Vulnerability
High
Unreviewed
CVE-2024-49040
was published
Nov 12, 2024
User interface (UI) misrepresentation of critical information issue exists in multiple Home...
High
Unreviewed
CVE-2024-47045
was published
Sep 26, 2024
ProTip!
Advisories are also available from the
GraphQL API