Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

591 advisories

Loading
A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's... High Unreviewed
CVE-2026-54228 was published Jun 13, 2026
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection... Moderate Unreviewed
CVE-2026-53838 was published Jun 13, 2026
OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin... High Unreviewed
CVE-2026-53831 was published Jun 13, 2026
OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv... High Unreviewed
CVE-2026-53822 was published Jun 13, 2026
File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path High
CVE-2026-54096 was published for github.com/filebrowser/filebrowser (Go) Jun 12, 2026
quart27219 Credited to quart27219, kimdu0, and hacdias kimdu0 kimdu0
hacdias hacdias
Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators High
GHSA-9wcp-79g5-5c3c was published for com.appsmith:server (Maven) Jun 12, 2026
Moonster8282 Credited to Moonster8282
A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh... High Unreviewed
CVE-2026-50631 was published Jun 12, 2026
Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital... High Unreviewed
CVE-2026-24067 was published Jun 10, 2026
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition... Moderate Unreviewed
CVE-2026-49958 was published Jun 9, 2026
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an... Moderate Unreviewed
CVE-2026-45647 was published Jun 9, 2026
Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service... High Unreviewed
CVE-2026-45487 was published Jun 9, 2026
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation... High Unreviewed
CVE-2026-24065 was published Jun 9, 2026
A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0... High Unreviewed
CVE-2026-2638 was published Jun 9, 2026
Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token High
CVE-2026-45720 was published for github.com/siderolabs/omni (Go) Jun 5, 2026
bugbunny-research Credited to bugbunny-research
SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that... High Unreviewed
CVE-2025-41259 was published Jun 3, 2026
A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13... High Unreviewed
CVE-2025-64390 was published Jun 2, 2026
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input... High Unreviewed
CVE-2026-25260 was published Jun 2, 2026
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent... Moderate Unreviewed
CVE-2025-59610 was published Jun 2, 2026
In geniezone, there is a possible out of bounds write due to a race condition. This could lead to... Moderate Unreviewed
CVE-2026-20454 was published Jun 1, 2026
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix node_cnt race... Moderate Unreviewed
CVE-2026-46194 was published May 28, 2026
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix... Moderate Unreviewed
CVE-2026-46159 was published May 28, 2026
A flaw was found in Keycloak. An authenticated administrator with the `manage-clients` role can... Moderate Unreviewed
CVE-2026-9796 was published May 28, 2026
Pterodactyl has a database resource limit bypass via race condition in Client API Low
CVE-2026-35202 was published for pterodactyl/panel (Composer) May 26, 2026
UDPSendToFailed Credited to UDPSendToFailed
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time... High Unreviewed
CVE-2026-24191 was published May 26, 2026
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker... High Unreviewed
CVE-2026-45208 was published May 21, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database