Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

315 advisories

Loading
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-24618 was published Jun 12, 2026
Improper access control in AMD uProf may allow a local attacker with user privileges to write to... Moderate Unreviewed
CVE-2026-0466 was published Jun 9, 2026
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP... Low Unreviewed
CVE-2026-44743 was published Jun 9, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips... Moderate Unreviewed
CVE-2026-49077 was published Jun 4, 2026
The SAP Gateway allows attackers to inject content into error messages, potentially leading to... Moderate Unreviewed
CVE-2026-44749 was published May 26, 2026
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated... High Unreviewed
CVE-2018-25358 was published May 26, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-27349 was published May 21, 2026
An information disclosure vulnerability in the Chronosphere Chronocollector enables an... Moderate Unreviewed
CVE-2026-0239 was published May 13, 2026
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated... Moderate Unreviewed
CVE-2026-0240 was published May 13, 2026
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and... High Unreviewed
CVE-2026-43654 was published May 11, 2026
SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through... Moderate Unreviewed
CVE-2026-7864 was published May 8, 2026
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that... Moderate Unreviewed
CVE-2026-41928 was published May 8, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-25468 was published May 7, 2026
Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods High
CVE-2026-42047 was published for inngest (npm) May 5, 2026
benhylak Credited to benhylak
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-42644 was published Apr 29, 2026
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component,... High Unreviewed
CVE-2026-24222 was published Apr 28, 2026
Duplicate Advisory: OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability Moderate
GHSA-fjm8-mgc9-mf65 was published for openclaw (npm) Apr 24, 2026 withdrawn
Duplicate Advisory: OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients Moderate
GHSA-r7p2-r9g4-4xph was published for openclaw (npm) Apr 24, 2026 withdrawn
Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability... Moderate Unreviewed
CVE-2026-41459 was published Apr 22, 2026
Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in... High Unreviewed
CVE-2026-34413 was published Apr 22, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-39686 was published Apr 8, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-39566 was published Apr 8, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-39572 was published Apr 8, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2026-39571 was published Apr 8, 2026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP... Moderate Unreviewed
CVE-2026-39536 was published Apr 8, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database