Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,732
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,952
Pub
13
RubyGems
1,055
Rust
1,343
Swift
54
Unreviewed advisories
All unreviewed
5,000+

3,506 advisories

Loading
A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84.... Low Unreviewed
CVE-2026-8112 was published May 8, 2026
Improper neutralization of special elements used in a command ('command injection') in Azure... Critical Unreviewed
CVE-2026-35428 was published May 8, 2026
Improper neutralization of special elements used in a command ('command injection') in Copilot... High Unreviewed
CVE-2026-33111 was published May 8, 2026
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could... Moderate Unreviewed
CVE-2026-20169 was published May 6, 2026
HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling... High Unreviewed
CVE-2025-31951 was published May 6, 2026
gitoxide: CommandForbiddenInModulesConfiguration Bypass in gix_submodule::File::update() Enables Arbitrary Command Execution via .gitmodules High
GHSA-f26g-jm89-4g65 was published for gix (Rust) May 5, 2026
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the... High Unreviewed
CVE-2026-7823 was published May 5, 2026
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp... Moderate Unreviewed
CVE-2026-7785 was published May 5, 2026
net-imap vulnerable to command Injection via "raw" arguments to multiple commands Moderate
CVE-2026-42257 was published for net-imap (RubyGems) May 4, 2026
manunio Credited to manunio
net-imap vulnerable to command Injection via unvalidated Symbol inputs Moderate
CVE-2026-42258 was published for net-imap (RubyGems) May 4, 2026
manunio Credited to manunio
An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6... High Unreviewed
CVE-2026-36365 was published May 4, 2026
A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function... Low Unreviewed
CVE-2026-7730 was published May 4, 2026
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by... Moderate Unreviewed
CVE-2026-7698 was published May 3, 2026
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is... Low Unreviewed
CVE-2026-7653 was published May 2, 2026
A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function... Low Unreviewed
CVE-2026-7642 was published May 2, 2026
A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function... Low Unreviewed
CVE-2026-7609 was published May 2, 2026
A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the... Low Unreviewed
CVE-2026-7608 was published May 2, 2026
yii2-mcp-server has a Command Injection Issue Low
CVE-2026-7600 was published for yii2-mcp-server (npm) May 2, 2026
A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0... Moderate Unreviewed
CVE-2026-7593 was published May 1, 2026
A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to... Moderate Unreviewed
CVE-2026-7590 was published May 1, 2026
A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65... Moderate Unreviewed
CVE-2026-26461 was published May 1, 2026
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the... High Unreviewed
CVE-2026-7538 was published May 1, 2026
mcp-server-semgrep has a Command Injection issue Moderate
CVE-2026-7446 was published for mcp-server-semgrep (npm) Apr 30, 2026
A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this... Moderate Unreviewed
CVE-2026-7443 was published Apr 30, 2026
A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function... Moderate Unreviewed
CVE-2026-7416 was published Apr 30, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database