GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
960 advisories
A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute...
Critical | Unreviewed | CVE-2026-20181 was published Jun 17, 2026
A path traversal in the SFTP provider (`SFTPHook.retrieve_directory` / `SFTPOperator(operation...
Critical | Unreviewed | CVE-2026-50203 was published Jun 17, 2026
A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release...
Critical | Unreviewed | CVE-2026-10094 was published Jun 17, 2026
Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution
Critical | GHSA-365w-hqf6-vxfg was published for crawl4ai (pip) Jun 16, 2026
Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions.
Critical | Unreviewed | CVE-2026-49766 was published Jun 15, 2026
An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a...
Critical | Unreviewed | CVE-2026-50869 was published Jun 15, 2026
In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping...
Critical | Unreviewed | CVE-2026-45390 was published Jun 15, 2026
Incomplete input validation and improperly configured folder permissions within Idira Privileged...
Critical | Unreviewed | CVE-2026-45171 was published Jun 12, 2026
A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same...
Critical | Unreviewed | CVE-2026-53476 was published Jun 10, 2026
AdGuard Home, when started with the --glinet flag, contains an authentication bypass...
Critical | Unreviewed | CVE-2026-41448 was published Jun 8, 2026
A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise...
Critical | Unreviewed | CVE-2026-11429 was published Jun 6, 2026
A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due...
Critical | Unreviewed | CVE-2026-11423 was published Jun 5, 2026
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise...
Critical | Unreviewed | CVE-2026-11420 was published Jun 5, 2026
A path traversal vulnerability exists in the Altium Enterprise Server Vault Service...
Critical | Unreviewed | CVE-2026-11419 was published Jun 5, 2026
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in...
Critical | Unreviewed | CVE-2026-11414 was published Jun 5, 2026
An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers...
Critical | Unreviewed | CVE-2026-36500 was published Jun 5, 2026
NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)
Critical | CVE-2026-47731 was published for ait-core (pip) Jun 5, 2026
DbGate: Zip Slip in archive/unzip allows arbitrary file write leading to RCE
Critical | CVE-2026-47669 was published for dbgate (npm) Jun 5, 2026
WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that...
Critical | Unreviewed | CVE-2019-25727 was published Jun 4, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical | Unreviewed | CVE-2026-48866 was published Jun 1, 2026
IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation...
Critical | Unreviewed | CVE-2026-7524 was published May 27, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical | Unreviewed | CVE-2026-42756 was published May 27, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical | Unreviewed | CVE-2026-42757 was published May 27, 2026
FileBrowser Quantum: Path traversal in public share PATCH allows file ops outside shared directory
Critical | CVE-2026-48777 was published for github.com/gtsteffaniak/filebrowser/backend (Go) May 22, 2026
A malicious actor with access to the network could exploit a Path Traversal vulnerability found...
Critical | Unreviewed | CVE-2026-34909 was published May 22, 2026
ProTip! Advisories are also available from the GraphQL API.