Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

546 advisories

Loading
Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed... High Unreviewed
CVE-2026-12031 was published Jun 12, 2026
This issue was addressed with improved checks to prevent unauthorized actions. This issue is... High Unreviewed
CVE-2025-24284 was published Jun 11, 2026
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS... Moderate Unreviewed
CVE-2025-30431 was published Jun 11, 2026
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute... High Unreviewed
CVE-2026-48546 was published Jun 11, 2026
@hulumi/baseline: AccountFoundation reuse paths silently downgrade GuardDuty / Security Hub posture Moderate
CVE-2026-48037 was published for @hulumi/baseline (npm) Jun 10, 2026
kerberosmansour Credited to kerberosmansour
@hulumi/policies bypasses policy packs with a forged Pulumi-URN logical name High
CVE-2026-48033 was published for @hulumi/policies (npm) Jun 10, 2026
kerberosmansour Credited to kerberosmansour
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a... High Unreviewed
CVE-2026-48568 was published Jun 9, 2026
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a... High Unreviewed
CVE-2026-48570 was published Jun 9, 2026
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a... High Unreviewed
CVE-2026-48575 was published Jun 9, 2026
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a... High Unreviewed
CVE-2026-47656 was published Jun 9, 2026
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security... High Unreviewed
CVE-2026-45656 was published Jun 9, 2026
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a... Moderate Unreviewed
CVE-2026-45655 was published Jun 9, 2026
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a... High Unreviewed
CVE-2026-45588 was published Jun 9, 2026
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-45595 was published Jun 9, 2026
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass... Low Unreviewed
CVE-2026-45459 was published Jun 9, 2026
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a... Moderate Unreviewed
CVE-2026-11695 was published Jun 9, 2026
Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a... Low Unreviewed
CVE-2026-11684 was published Jun 9, 2026
actual Allows Electron to Run As Node Moderate
CVE-2026-42890 was published for actual (npm) Jun 8, 2026
mustafa-sec Credited to mustafa-sec
Twig: Possible sandbox bypass when using a source policy High
CVE-2026-24425 was published for twig/twig (Composer) Jun 5, 2026
fabpot Credited to fabpot, wsparks-vc, XavLimSG, and Vincent550102 wsparks-vc wsparks-vc
XavLimSG XavLimSG Vincent550102 Vincent550102
Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53... Critical Unreviewed
CVE-2026-11282 was published Jun 5, 2026
Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11292 was published Jun 5, 2026
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0... Moderate Unreviewed
CVE-2026-11263 was published Jun 5, 2026
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11264 was published Jun 5, 2026
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a... Moderate Unreviewed
CVE-2026-11266 was published Jun 5, 2026
Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote... Moderate Unreviewed
CVE-2026-11288 was published Jun 5, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database