GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23 advisories
Filter by severity
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of...
High
Unreviewed
CVE-2020-14372
was published
May 24, 2022
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute...
High
Unreviewed
CVE-2015-5946
was published
May 17, 2022
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM)...
High
Unreviewed
CVE-2021-1133
was published
May 24, 2022
Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and...
High
Unreviewed
CVE-2018-6383
was published
May 13, 2022
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly...
High
Unreviewed
CVE-2018-16863
was published
May 13, 2022
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23844
was published
Jul 26, 2023
Microsoft Outlook Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30103
was published
Jun 11, 2024
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker...
High
Unreviewed
CVE-2025-29822
was published
Apr 8, 2025
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit...
High
Unreviewed
CVE-2025-48732
was published
Jul 24, 2025
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online...
High
Unreviewed
CVE-2022-50238
was published
Sep 8, 2025
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame....
High
Unreviewed
CVE-2026-1773
was published
Feb 24, 2026
ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in...
High
Unreviewed
CVE-2026-34430
was published
Apr 1, 2026
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the...
High
Unreviewed
CVE-2026-35000
was published
Apr 1, 2026
OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell...
High
Unreviewed
CVE-2026-44115
was published
May 6, 2026
OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's...
High
Unreviewed
CVE-2026-45006
was published
May 11, 2026
OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded...
High
Unreviewed
CVE-2026-53836
was published
Jun 13, 2026
picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the...
High
Unreviewed
CVE-2025-71351
was published
Jun 21, 2026
Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing...
High
Unreviewed
CVE-2025-71355
was published
Jul 1, 2026
Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard...
High
Unreviewed
CVE-2026-14534
was published
Jul 4, 2026
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv...
High
Unreviewed
CVE-2026-59261
was published
Jul 8, 2026
OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could...
High
Unreviewed
CVE-2026-62200
was published
Jul 14, 2026
OpenClaw versions before 2026.6.6 contain a flaw in host exec environment filtering that can miss...
High
Unreviewed
CVE-2026-62199
was published
Jul 14, 2026
OpenClaw versions before 2026.6.6 contain an environment variable filtering vulnerability in host...
High
Unreviewed
CVE-2026-62203
was published
Jul 17, 2026
ProTip!
Advisories are also available from the
GraphQL API