Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

339,386 advisories

Loading
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API... Unknown Unreviewed
CVE-2026-34195 was published Jun 13, 2026
OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature... High Unreviewed
CVE-2026-53823 was published Jun 13, 2026
OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP... Moderate Unreviewed
CVE-2026-53820 was published Jun 13, 2026
OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session... Low Unreviewed
CVE-2026-53826 was published Jun 13, 2026
OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked... Moderate Unreviewed
CVE-2026-53824 was published Jun 13, 2026
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows... High Unreviewed
CVE-2025-7008 was published Jun 13, 2026
Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows... Moderate Unreviewed
CVE-2025-7006 was published Jun 13, 2026
Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file... High Unreviewed
CVE-2025-7011 was published Jun 13, 2026
Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a... Moderate Unreviewed
CVE-2025-7010 was published Jun 13, 2026
Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file... Moderate Unreviewed
CVE-2025-7005 was published Jun 13, 2026
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows... High Unreviewed
CVE-2025-7009 was published Jun 13, 2026
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed... High Unreviewed
CVE-2025-7002 was published Jun 13, 2026
Rejected reason: This candidate was issued in error. Unknown Unreviewed
CVE-2020-2521 was published Jun 13, 2026
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed... High Unreviewed
CVE-2025-7003 was published Jun 13, 2026
Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed... High Unreviewed
CVE-2025-7004 was published Jun 13, 2026
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection High
CVE-2026-54090 was published for github.com/filebrowser/filebrowser/v2 (Go) Jun 12, 2026
RajChowdhury240 Credited to RajChowdhury240
File Browser has incorrect access control for public directory shares via rule path rebasing High
CVE-2026-54091 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
hacdias Credited to hacdias
File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames Moderate
CVE-2026-54093 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
hacdias Credited to hacdias
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope Moderate
CVE-2026-54094 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
DavidCarliez Credited to DavidCarliez, hacdias, m2hcz, and alanturing881 hacdias hacdias
m2hcz m2hcz alanturing881 alanturing881
File Browser has a DoS Vulnerability via Public Login API High
CVE-2026-54092 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
AshrafIbrahim03 Credited to AshrafIbrahim03
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The... Moderate Unreviewed
CVE-2026-54394 was published Jun 12, 2026
An incorrect visibility condition in the MISP event template builder allowed authenticated non... Moderate Unreviewed
CVE-2026-54362 was published Jun 12, 2026
A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The... Moderate Unreviewed
CVE-2026-54393 was published Jun 12, 2026
A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event... Moderate Unreviewed
CVE-2026-54397 was published Jun 12, 2026
An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a... Moderate Unreviewed
CVE-2026-54396 was published Jun 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database