GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,534 advisories
Filter by severity
IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9...
Low
Unreviewed
CVE-2026-7364
was published
Jul 17, 2026
A vulnerability was detected in AstrBotDevs AstrBot up to 4.25.2. This affects the function...
Low
Unreviewed
CVE-2026-16074
was published
Jul 17, 2026
IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs...
Low
Unreviewed
CVE-2026-14971
was published
Jul 17, 2026
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this...
Low
Unreviewed
CVE-2026-16073
was published
Jul 17, 2026
oapi-codegen: OpenAPI Server Description Escapes Generated Go Comment and Injects Executable Code
Low
GHSA-rjwr-m7qx-3fjr
was published
for
github.com/oapi-codegen/oapi-codegen/v2
(Go)
Jul 17, 2026
The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions...
Low
Unreviewed
CVE-2025-59866
was published
Jul 17, 2026
HCL DevOps Loop is affected by insufficient input validation that allows special characters where...
Low
Unreviewed
CVE-2026-21764
was published
Jul 17, 2026
HCL DevOps Loop is affected by missing HTTP security headers. Missing security headers may reduce...
Low
Unreviewed
CVE-2026-21762
was published
Jul 17, 2026
A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function...
Low
Unreviewed
CVE-2026-16017
was published
Jul 17, 2026
HCL Aftermarket EPC is vulnerable to attack since the Application is vulnerable to Lucky 13. that...
Low
Unreviewed
CVE-2024-23573
was published
Jul 17, 2026
A vulnerability was determined in poco-ai poco-claw up to 0.5.4. This vulnerability affects the...
Low
Unreviewed
CVE-2026-16015
was published
Jul 17, 2026
A vulnerability was detected in itsourcecode Hospital Management System 1.0. Affected is an...
Low
Unreviewed
CVE-2026-16009
was published
Jul 17, 2026
A security vulnerability has been detected in sagold json-schema-library 11.5.0/11.5.1. This...
Low
Unreviewed
CVE-2026-16008
was published
Jul 17, 2026
Grav Flex-Objects before version 1.4.3 contains a broken access control vulnerability in the...
Low
Unreviewed
CVE-2026-62235
was published
Jul 17, 2026
grav-plugin-login before 3.8.11 contains a cross-site request forgery (CSRF) vulnerability in the...
Low
Unreviewed
CVE-2026-62236
was published
Jul 17, 2026
OpenClaw 2026.5.12 before 2026.5.26 contain an incorrect authorization vulnerability in the...
Low
Unreviewed
CVE-2026-62221
was published
Jul 17, 2026
OpenClaw MS Teams before 2026.5.12 contain an authorization bypass vulnerability where the...
Low
Unreviewed
CVE-2026-62224
was published
Jul 17, 2026
OpenClaw versions before 2026.5.18 contain an authorization bypass vulnerability in skill command...
Low
Unreviewed
CVE-2026-62225
was published
Jul 17, 2026
OpenClaw 2026.4.20 before 2026.5.28 contain a policy bypass in the QQBot media upload feature. A...
Low
Unreviewed
CVE-2026-62216
was published
Jul 17, 2026
Out-of-bounds write vulnerability in Legion of the Bouncy Castle Inc. BC-LTS bcprov-lts8on on ARM...
Low
Unreviewed
CVE-2026-15997
was published
Jul 17, 2026
Buffer Overflow vulnerability in Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042...
Low
Unreviewed
CVE-2024-32389
was published
Jul 16, 2026
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. URLAUTH does not honor...
Low
Unreviewed
CVE-2026-47087
was published
Jul 16, 2026
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is heap exposure in...
Low
Unreviewed
CVE-2026-47088
was published
Jul 16, 2026
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. GENURLAUTH-issued tokens can...
Low
Unreviewed
CVE-2026-47086
was published
Jul 16, 2026
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an...
Low
Unreviewed
CVE-2026-47081
was published
Jul 16, 2026
ProTip!
Advisories are also available from the
GraphQL API