GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+

475 advisories

In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input...
Low, Unreviewed. CVE-2026-0142 was published Jun 16, 2026

Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname
Low. CVE-2026-54282 was published for Starlette (pip) Jun 15, 2026

python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
Low. CVE-2026-53537 was published for python-multipart (pip) Jun 15, 2026

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a...
Low, Unreviewed. CVE-2026-12017 was published Jun 12, 2026

Authenticated administrators connected to the local network can gain elevated access to the...
Low, Unreviewed. CVE-2026-0410 was published Jun 9, 2026

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an...
Low, Unreviewed. CVE-2026-48289 was published Jun 9, 2026

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an...
Low, Unreviewed. CVE-2026-48288 was published Jun 9, 2026

Improper input validation in Microsoft Azure Attestation service and Device Health Attestation...
Low, Unreviewed. CVE-2026-45642 was published Jun 9, 2026

Capsule Namespace Hijacking via subresource
Low. CVE-2026-30963 was published for github.com/projectcapsule/capsule (Go) May 28, 2026

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827...
Low, Unreviewed. CVE-2026-11686 was published Jun 9, 2026

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who...
Low, Unreviewed. CVE-2026-11675 was published Jun 9, 2026

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827...
Low, Unreviewed. CVE-2026-11691 was published Jun 9, 2026

A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown...
Low, Unreviewed. CVE-2026-11460 was published Jun 7, 2026

The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even...
Low, Unreviewed. CVE-2025-13462 was published Mar 12, 2026

Insufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53...
Low, Unreviewed. CVE-2026-11240 was published Jun 5, 2026

Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0...
Low, Unreviewed. CVE-2026-11244 was published Jun 5, 2026

Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic
Low. CVE-2026-45723 was published for github.com/siderolabs/omni (Go) Jun 5, 2026

Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53...
Low, Unreviewed. CVE-2026-11251 was published Jun 5, 2026

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function...
Low, Unreviewed. CVE-2026-10566 was published Jun 2, 2026

Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216...
Low, Unreviewed. CVE-2026-9950 was published May 29, 2026

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous...
Low, Unreviewed. CVE-2015-6563 was published May 14, 2022

A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the...
Low, Unreviewed. CVE-2026-9521 was published May 26, 2026

A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the...
Low, Unreviewed. CVE-2026-9497 was published May 26, 2026

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
Low, Unreviewed. CVE-2026-28751 was published May 19, 2026

A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils...
Low, Unreviewed. CVE-2026-8735 was published May 17, 2026

ProTip! Advisories are also available from the GraphQL API