GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,879 advisories
The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-12089
was published
Jun 13, 2026
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2026-11442
was published
Jun 13, 2026
OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest...
High
Unreviewed
CVE-2026-53825
was published
Jun 13, 2026
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The...
Moderate
Unreviewed
CVE-2026-54394
was published
Jun 12, 2026
Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16...
High
Unreviewed
CVE-2026-6961
was published
Jun 12, 2026
A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing...
High
Unreviewed
CVE-2026-3840
was published
Jun 12, 2026
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File...
Moderate
Unreviewed
CVE-2026-11844
was published
Jun 12, 2026
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path...
Moderate
Unreviewed
CVE-2026-11847
was published
Jun 12, 2026
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary...
High
Unreviewed
CVE-2026-11846
was published
Jun 12, 2026
A malicious actor with access to the network could exploit a Path Traversal vulnerability found...
High
Unreviewed
CVE-2026-47368
was published
Jun 12, 2026
Incomplete input validation and improperly configured folder permissions within Idira Privileged...
Critical
Unreviewed
CVE-2026-45171
was published
Jun 12, 2026
A parsing issue in the handling of directory paths was addressed with improved path validation....
Moderate
Unreviewed
CVE-2025-24268
was published
Jun 11, 2026
Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction...
High
Unreviewed
CVE-2026-11816
was published
Jun 11, 2026
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows...
High
Unreviewed
CVE-2026-8464
was published
Jun 11, 2026
A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client...
High
Unreviewed
CVE-2026-40987
was published
Jun 11, 2026
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on...
Moderate
Unreviewed
CVE-2026-0270
was published
Jun 11, 2026
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Moderate
Unreviewed
CVE-2026-24717
was published
Jun 10, 2026
A path traversal vulnerability has been reported to affect License Center. If a local attacker...
Moderate
Unreviewed
CVE-2025-62851
was published
Jun 10, 2026
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an...
Moderate
Unreviewed
CVE-2026-34657
was published
Jun 10, 2026
ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a...
High
Unreviewed
CVE-2026-47932
was published
Jun 9, 2026
An arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of...
Moderate
Unreviewed
CVE-2026-36726
was published
Jun 9, 2026
An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3...
High
Unreviewed
CVE-2026-36723
was published
Jun 9, 2026
Hermes WebUI before version 0.51.269 contains a workspace boundary bypass vulnerability that...
Moderate
Unreviewed
CVE-2026-49957
was published
Jun 9, 2026
Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot...
High
Unreviewed
CVE-2026-45482
was published
Jun 9, 2026
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft...
Moderate
Unreviewed
CVE-2026-45454
was published
Jun 9, 2026
ProTip! Advisories are also available from the GraphQL API.