GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,967
Maven: 5,000+
npm: 5,000+
NuGet: 973
pip: 5,000+
Pub: 13
RubyGems: 1,064
Rust: 1,387
Swift: 56

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,162 advisories
Hermes WebUI prior to v0.51.221 contains a path traversal vulnerability that allows attackers to...
High | Unreviewed | CVE-2026-11322 was published Jun 5, 2026

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows...
High | Unreviewed | CVE-2026-49135 was published Jun 1, 2026

A Dag author could either (a) create a symlink under their task's log directory pointing to an...
Moderate | Unreviewed | CVE-2026-40861 was published Jun 1, 2026

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8...
Moderate | Unreviewed | CVE-2026-6891 was published May 29, 2026

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may...
Moderate | Unreviewed | CVE-2026-6892 was published May 29, 2026

A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace...
High | Unreviewed | CVE-2026-9804 was published May 28, 2026

Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does not prohibit...
High | Unreviewed | CVE-2026-48921 was published May 27, 2026

FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via...
Moderate | Unreviewed | CVE-2026-48693 was published May 26, 2026

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated...
Critical | Unreviewed | CVE-2026-7374 was published May 26, 2026

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets...
Critical | Unreviewed | CVE-2026-42496 was published May 26, 2026

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside...
High | Unreviewed | CVE-2026-42497 was published May 26, 2026

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local...
High | Unreviewed | CVE-2025-71212 was published May 21, 2026

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote...
High | Unreviewed | CVE-2026-44051 was published May 21, 2026

Improper link resolution before file access ('link following') in Azure Portal Windows Admin...
High | Unreviewed | CVE-2026-42834 was published May 20, 2026

Improper link resolution before file access ('link following') in Microsoft Defender allows an...
High | Unreviewed | CVE-2026-41091 was published May 20, 2026

Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system...
High | Unreviewed | CVE-2026-43619 was published May 20, 2026

An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell...
Moderate | Unreviewed | CVE-2026-34883 was published May 19, 2026

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function...
Low | Unreviewed | CVE-2026-8784 was published May 18, 2026

The locally served web site on the Garmin WDU (v1 1.4.6 and v2 5.0) allows a symlink attack. If a...
High | Unreviewed | CVE-2025-27850 was published May 13, 2026

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the...
Moderate | Unreviewed | CVE-2026-5061 was published May 12, 2026

CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to...
High | Unreviewed | CVE-2021-47949 was published May 10, 2026

A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part...
Moderate | Unreviewed | CVE-2026-7832 was published May 5, 2026

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1...
High | Unreviewed | CVE-2026-41882 was published Apr 30, 2026

Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution...
Moderate | Unreviewed | CVE-2026-27105 was published Apr 29, 2026

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function...
Low | Unreviewed | CVE-2026-7397 was published Apr 29, 2026

ProTip! Advisories are also available from the GraphQL API.