GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
Filter by severity
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv...
High
Unreviewed
CVE-2026-59261
was published
Jul 8, 2026
Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard...
High
Unreviewed
CVE-2026-14534
was published
Jul 4, 2026
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security...
Moderate
Unreviewed
CVE-2026-56777
was published
Jul 1, 2026
Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing...
High
Unreviewed
CVE-2025-71355
was published
Jul 1, 2026
picklescan before 1.0.4 fails to block at least seven Python standard library modules (including...
Critical
Unreviewed
CVE-2026-56315
was published
Jun 23, 2026
picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the...
High
Unreviewed
CVE-2025-71351
was published
Jun 21, 2026
OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded...
High
Unreviewed
CVE-2026-53836
was published
Jun 13, 2026
Roundcube's HTML sanitization path for message rendering allows loopback, localhost, RFC1918,...
Moderate
Unreviewed
CVE-2026-9818
was published
May 28, 2026
OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's...
High
Unreviewed
CVE-2026-45006
was published
May 11, 2026
OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action...
Low
Unreviewed
CVE-2026-44993
was published
May 11, 2026
OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell...
High
Unreviewed
CVE-2026-44115
was published
May 6, 2026
OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where...
Critical
Unreviewed
CVE-2026-43578
was published
May 6, 2026
OpenClaw before 2026.3.28 contains an SSRF guard bypass vulnerability that fails to block four...
Moderate
Unreviewed
CVE-2026-41361
was published
Apr 24, 2026
Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation...
Critical
Unreviewed
CVE-2026-34415
was published
Apr 22, 2026
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the...
High
Unreviewed
CVE-2026-35000
was published
Apr 1, 2026
ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in...
High
Unreviewed
CVE-2026-34430
was published
Apr 1, 2026
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame....
High
Unreviewed
CVE-2026-1773
was published
Feb 24, 2026
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online...
High
Unreviewed
CVE-2022-50238
was published
Sep 8, 2025
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit...
High
Unreviewed
CVE-2025-48732
was published
Jul 24, 2025
ServiceNow has addressed an input validation vulnerability that was identified in the Washington...
Critical
Unreviewed
CVE-2024-5217
was published
Jul 10, 2024
A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow...
Low
Unreviewed
CVE-2025-24388
was published
Jun 16, 2025
A vulnerability exists in the media upload component of the Asset
Suite versions listed below....
Moderate
Unreviewed
CVE-2025-1484
was published
May 30, 2025
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker...
High
Unreviewed
CVE-2025-29822
was published
Apr 8, 2025
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser ...
Moderate
Unreviewed
CVE-2023-45593
was published
Mar 5, 2024
ServiceNow has addressed a sensitive file read vulnerability that was identified in the...
Moderate
Unreviewed
CVE-2024-5178
was published
Jul 10, 2024
ProTip!
Advisories are also available from the
GraphQL API