Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View... Low Unreviewed
CVE-2026-8491 was published May 20, 2026
Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from... Low Unreviewed
CVE-2026-4643 was published May 18, 2026
OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open) Low
CVE-2026-41377 was published for openclaw (npm) Apr 2, 2026
davidluzsilva Credited to davidluzsilva
Mattermost Plugins versions <=11.4 10.11.11.0 fail to validate webhook request timestamps which... Low Unreviewed
CVE-2026-3109 was published Mar 26, 2026
@grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling Low
GHSA-8g29-8xwr-qmhr was published for @grackle-ai/server (npm) Mar 25, 2026
Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Improper Check for... Low Unreviewed
CVE-2026-22760 was published Mar 4, 2026
Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User... Low Unreviewed
CVE-2025-33030 was published Feb 10, 2026
Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS... Low Unreviewed
CVE-2025-32739 was published Feb 10, 2026
ingress-nginx has Improper Check for Unusual or Exceptional Conditions Low
CVE-2026-24513 was published for k8s.io/ingress-nginx (Go) Feb 4, 2026
Drupal core allows Forceful Browsing Low
CVE-2025-13080 was published for drupal/core (Composer) Nov 18, 2025
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web... Low Unreviewed
CVE-2025-52136 was published Aug 10, 2025
Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore... Low Unreviewed
CVE-2024-12533 was published May 13, 2025
7-Zip through 24.09 does not report an error for certain invalid xz files, involving stream flags... Low Unreviewed
CVE-2022-47112 was published Apr 19, 2025
7-Zip through 24.09 does not report an error for certain invalid xz files, involving block flags... Low Unreviewed
CVE-2022-47111 was published Apr 19, 2025
In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data... Low Unreviewed
CVE-2025-30258 was published Mar 19, 2025
Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint... Low Unreviewed
CVE-2025-0503 was published Feb 14, 2025
Mattermost has Improper Check for Unusual or Exceptional Conditions Low
CVE-2025-22445 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 9, 2025
Moodle has insufficient capability checks Low
CVE-2024-43435 was published for moodle/moodle (Composer) Nov 11, 2024
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before... Low Unreviewed
CVE-2024-27457 was published Oct 8, 2024
An application can be configured to block boot attempts after consecutive tamper resets are... Low Unreviewed
CVE-2024-2502 was published Aug 30, 2024
XMP Toolkit's `XmpFile::close` can trigger undefined behavior Low
GHSA-66fw-43h8-f8p3 was published for xmp_toolkit (Rust) Jul 26, 2024
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed
CVE-2024-5469 was published Jun 14, 2024
Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an... Low Unreviewed
CVE-2023-38420 was published May 16, 2024
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in... Low Unreviewed
CVE-2021-46934 was published Feb 27, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI... Low Unreviewed
CVE-2023-48429 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database