Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,401 advisories

Loading
Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta Moderate
CVE-2026-47121 was published for github.com/sparkle-project/Sparkle (Swift) May 29, 2026
fg0x0 Credited to fg0x0
Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path High
CVE-2026-41236 was published for froxlor/froxlor (Composer) May 29, 2026
larlarua Credited to larlarua
KubeVirt has a Link Following issue High
CVE-2026-9804 was published for kubevirt.io/kubevirt (Go) May 28, 2026
Jenkins Pipeline: Groovy Libraries Plugin does not prohibit symbolic links in shared libraries High
CVE-2026-48921 was published for io.jenkins.plugins:pipeline-groovy-lib (Maven) May 27, 2026
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via... Moderate Unreviewed
CVE-2026-48693 was published May 26, 2026
KubeVirt has a Link Following vulnerability Critical
CVE-2026-7374 was published for kubevirt.io/kubevirt (Go) May 26, 2026
Portainer Has an Arbitrary File Read via Git Symlink Injection in Stack Auto-Update High
CVE-2026-44881 was published for github.com/portainer/portainer (Go) May 14, 2026
b-hermes Credited to b-hermes
ProTip! Advisories are also available from the GraphQL API