GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
3,664 advisories
Filter by severity
laravel-backup-restore has an OS Command Injection during database restore
High
CVE-2026-53932
was published
for
wnx/laravel-backup-restore
(Composer)
Jul 9, 2026
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is...
Low
Unreviewed
CVE-2026-15193
was published
Jul 9, 2026
A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this...
Moderate
Unreviewed
CVE-2026-15033
was published
Jul 8, 2026
aiosmtplib vulnerable to SMTP command injection via CR/LF in sender/recipient address
Moderate
CVE-2026-53533
was published
for
aiosmtplib
(pip)
Jul 7, 2026
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
Moderate
Unreviewed
CVE-2026-14802
was published
Jul 6, 2026
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress...
High
Unreviewed
CVE-2026-9834
was published
Jul 2, 2026
An unauthenticated command injection vulnerability in the /goform/fast_setting_internet_set...
Moderate
Unreviewed
CVE-2026-38142
was published
Jul 1, 2026
A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function...
Low
Unreviewed
CVE-2026-13581
was published
Jun 29, 2026
A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function...
Low
Unreviewed
CVE-2026-13561
was published
Jun 29, 2026
A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the...
Low
Unreviewed
CVE-2026-13560
was published
Jun 29, 2026
A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40...
High
Unreviewed
CVE-2026-13545
was published
Jun 29, 2026
Gogs vulnerable to RCE via git rebase --exec argument injection in pull request merge
Critical
CVE-2026-52806
was published
for
gogs.io/gogs
(Go)
Jun 23, 2026
A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of...
Low
Unreviewed
CVE-2026-12815
was published
Jun 22, 2026
A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function...
Low
Unreviewed
CVE-2026-12814
was published
Jun 22, 2026
Improper neutralization of special elements used in a command ('command injection') in Microsoft...
Moderate
Unreviewed
CVE-2026-42895
was published
Jun 19, 2026
Read-only transaction bypass in the pgAdmin 4 AI Assistant allows an attacker who can influence...
Critical
Unreviewed
CVE-2026-12045
was published
Jun 19, 2026
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were...
Critical
Unreviewed
CVE-2026-38717
was published
Jun 18, 2026
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were...
Critical
Unreviewed
CVE-2026-38714
was published
Jun 18, 2026
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were...
Critical
Unreviewed
CVE-2026-38716
was published
Jun 18, 2026
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were...
Critical
Unreviewed
CVE-2026-38715
was published
Jun 18, 2026
PraisonAI: IMAP Command Injection via Unsanitized Email Search Parameters
High
GHSA-c969-5x3p-vq3v
was published
for
praisonaiagents
(pip)
Jun 18, 2026
Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution...
High
Unreviewed
CVE-2024-24909
was published
Jun 16, 2026
A code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to...
High
Unreviewed
CVE-2025-56814
was published
Jun 15, 2026
OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv...
High
Unreviewed
CVE-2026-53822
was published
Jun 13, 2026
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection
High
CVE-2026-54090
was published
for
github.com/filebrowser/filebrowser/v2
(Go)
Jun 12, 2026
ProTip!
Advisories are also available from the
GraphQL API