GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
4,410 advisories
Improper verification of access permissions when modifying permissions through the Administration...
High | Unreviewed | CVE-2026-47366 was published Jun 12, 2026

Under certain network configurations, a malicious actor with access to network could exploit an...
High | Unreviewed | CVE-2026-48610 was published Jun 12, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2025-46315 was published Jun 11, 2026

Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control...
High | Unreviewed | CVE-2026-45178 was published Jun 11, 2026

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its...
Critical | Unreviewed | CVE-2026-45177 was published Jun 11, 2026

An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2025-46308 was published Jun 11, 2026

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-43339 was published Jun 11, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-24165 was published Jun 11, 2026

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly...
High | Unreviewed | CVE-2026-41856 was published Jun 11, 2026

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below...
Moderate | Unreviewed | CVE-2026-20259 was published Jun 10, 2026

@hulumi/policies has a HULUMI-H5 bypass via decoy sibling resources targeting a different bucket
High | CVE-2026-48034 was published for @hulumi/policies (npm) Jun 10, 2026

Spring Data REST's JSON Patch (application/json-patch+json) implementation does not apply the...
High | Unreviewed | CVE-2026-41728 was published Jun 10, 2026

Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request...
Moderate | Unreviewed | CVE-2026-41837 was published Jun 10, 2026

SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php.
High | Unreviewed | CVE-2026-39169 was published Jun 9, 2026

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control...
High | Unreviewed | CVE-2026-47907 was published Jun 9, 2026

Insecure permissions in bookcars v8.3 allows authenticated attackers to escalate privileges from...
Moderate | Unreviewed | CVE-2026-36720 was published Jun 9, 2026

Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a...
High | Unreviewed | CVE-2026-49161 was published Jun 9, 2026

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a...
High | Unreviewed | CVE-2026-48578 was published Jun 9, 2026

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a...
High | Unreviewed | CVE-2026-45658 was published Jun 9, 2026

Improper access control in Office for Android allows an unauthorized attacker to perform spoofing...
High | Unreviewed | CVE-2026-45649 was published Jun 9, 2026

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a...
High | Unreviewed | CVE-2026-45654 was published Jun 9, 2026

Improper access control in Windows Administrator Protection allows an authorized attacker to...
High | Unreviewed | CVE-2026-42829 was published Jun 9, 2026

Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges...
High | Unreviewed | CVE-2026-41092 was published Jun 9, 2026

An improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal...
Moderate | Unreviewed | CVE-2026-49938 was published Jun 9, 2026

UAF vulnerability in the package management module. Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2026-41984 was published Jun 9, 2026

ProTip! Advisories are also available from the GraphQL API.