GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,175
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
508 advisories
CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause...
Moderate
Unreviewed
CVE-2026-9651 was published Jun 25, 2026
A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on...
Moderate
Unreviewed
CVE-2026-0271 was published Jun 11, 2026
In Mimecast Incydr before 2.6.0, arbitrary file access can occur.
Moderate
Unreviewed
CVE-2026-50590 was published Jun 5, 2026
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an...
Moderate
Unreviewed
CVE-2026-10997 was published Jun 5, 2026
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0,...
Moderate
Unreviewed
CVE-2026-2254 was published May 27, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-43290 was published May 27, 2026
Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free...
Moderate
Unreviewed
CVE-2026-45246 was published May 18, 2026
An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an...
Moderate
Unreviewed
CVE-2026-42058 was published May 13, 2026
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before...
Moderate
Unreviewed
CVE-2026-7431 was published May 12, 2026
ACAP applications can gain elevated privileges due to improper input validation during the...
Moderate
Unreviewed
CVE-2026-0541 was published May 12, 2026
A configuration file on the local file system had improper input validation which could allow...
Moderate
Unreviewed
CVE-2026-1185 was published May 12, 2026
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in...
Moderate
Unreviewed
CVE-2026-41366 was published Apr 28, 2026
Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1...
Moderate
Unreviewed
CVE-2026-21011 was published Apr 13, 2026
The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have...
Moderate
Unreviewed
CVE-2026-4482 was published Apr 10, 2026
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2026-33271 was published Apr 2, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2026-28829 was published Mar 25, 2026
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
Moderate
Unreviewed
CVE-2026-20693 was published Mar 25, 2026
Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file...
Moderate
Unreviewed
CVE-2026-29516 was published Mar 16, 2026
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control...
Moderate
Unreviewed
CVE-2025-15037 was published Mar 12, 2026
Incorrect Default Permissions, Execution with Unnecessary Privileges, Incorrect Permission...
Moderate
Unreviewed
CVE-2026-3315 was published Mar 10, 2026
An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get...
Moderate
Unreviewed
CVE-2025-41712 was published Mar 10, 2026
Sensitive information disclosure due to improper configuration of a headless browser. The...
Moderate
Unreviewed
CVE-2026-28725 was published Mar 6, 2026
Credentials are not deleted from Acronis Agent after plan revocation. The following products are...
Moderate
Unreviewed
CVE-2025-11790 was published Mar 6, 2026
Credentials are not deleted from Acronis Agent after plan revocation. The following products are...
Moderate
Unreviewed
CVE-2025-30413 was published Mar 6, 2026
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for...
Moderate
Unreviewed
CVE-2025-12801 was published Mar 4, 2026
ProTip! Advisories are also available from the GraphQL API.