GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 61
GitHub Actions: 50
Go: 3,821
Maven: 5,000+
npm: 5,000+
NuGet: 939
pip: 5,000+
Pub: 13
RubyGems: 1,059
Rust: 1,357
Swift: 54

Unreviewed advisories
All unreviewed: 5,000+
14,299 advisories
A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils...
Low, Unreviewed
CVE-2026-8724 was published May 17, 2026

Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS)...
Low, Unreviewed
CVE-2026-8656 was published May 16, 2026

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit...
Low, Unreviewed
CVE-2026-4053 was published May 15, 2026

Permission control vulnerability in the app management and control module. Impact: Successful...
Low, Unreviewed
CVE-2026-41962 was published May 15, 2026

Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this...
Low, Unreviewed
CVE-2026-41963 was published May 15, 2026

An out of bounds read in the remote management firmware could allow a privileged attacker read a...
Low, Unreviewed
CVE-2024-21950 was published May 15, 2026

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent...
Low, Unreviewed
CVE-2025-52532 was published May 15, 2026

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a...
Low, Unreviewed
CVE-2025-66660 was published May 15, 2026

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a...
Low, Unreviewed
CVE-2026-0428 was published May 15, 2026

A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load...
Low, Unreviewed
CVE-2022-23826 was published May 15, 2026

A compromised Trusted OS (TOS) driver could issue a malformed call that could potentially allow ...
Low, Unreviewed
CVE-2021-26380 was published May 15, 2026

Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote...
Low, Unreviewed
CVE-2026-8568 was published May 14, 2026

Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168...
Low, Unreviewed
CVE-2026-8572 was published May 14, 2026

Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed...
Low, Unreviewed
CVE-2026-8556 was published May 14, 2026

Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168...
Low, Unreviewed
CVE-2026-8579 was published May 14, 2026

Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote...
Low, Unreviewed
CVE-2026-8578 was published May 14, 2026

Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0...
Low, Unreviewed
CVE-2026-8536 was published May 14, 2026

Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote...
Low, Unreviewed
CVE-2026-8545 was published May 14, 2026

Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote...
Low, Unreviewed
CVE-2026-8554 was published May 14, 2026

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had...
Low, Unreviewed
CVE-2026-8553 was published May 14, 2026

Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP...
Low, Unreviewed
CVE-2026-27680 was published May 14, 2026

Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)
Low
CVE-2026-45316 was published for open-webui (pip) May 14, 2026

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of...
Low, Unreviewed
CVE-2026-6923 was published May 14, 2026

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain...
Low, Unreviewed
CVE-2025-62309 was published May 14, 2026

HCL AION is affected by a vulnerability where sensitive information may be included in URL...
Low, Unreviewed
CVE-2025-62317 was published May 14, 2026

ProTip! Advisories are also available from the GraphQL API.