GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,163 advisories
@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling
High | CVE-2025-53109 was published for @modelcontextprotocol/server-filesystem (npm) Jul 1, 2025

A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an...
High | Unreviewed | CVE-2025-3771 was published Jun 26, 2025

Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh...
Critical | Unreviewed | CVE-2025-52936 was published Jun 23, 2025

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local...
Moderate | Unreviewed | CVE-2025-30642 was published Jun 17, 2025

A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security...
High | Unreviewed | CVE-2025-30641 was published Jun 17, 2025

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local...
High | Unreviewed | CVE-2025-30640 was published Jun 17, 2025

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local...
High | Unreviewed | CVE-2025-49156 was published Jun 17, 2025

A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a...
High | Unreviewed | CVE-2025-49157 was published Jun 17, 2025

os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the...
Moderate | Unreviewed | CVE-2025-0913 was published Jun 11, 2025

Improper link resolution before file access ('link following') in Windows Installer allows an...
High | Unreviewed | CVE-2025-33075 was published Jun 10, 2025

Improper link resolution before file access ('link following') in Windows Recovery Driver allows...
High | Unreviewed | CVE-2025-32721 was published Jun 10, 2025

2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2025-5474 was published Jun 6, 2025

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High | Unreviewed | CVE-2024-54189 was published Jun 3, 2025

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High | Unreviewed | CVE-2024-52561 was published Jun 3, 2025

A privilege escalation vulnerability exists in the virtual machine archive restoration...
High | Unreviewed | CVE-2024-36486 was published Jun 3, 2025

Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with...
High | Unreviewed | CVE-2024-11857 was published Jun 2, 2025

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-31198 was published May 30, 2025

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based)...
High | Unreviewed | CVE-2025-47181 was published May 23, 2025

Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless...
Moderate | Unreviewed | CVE-2025-2102 was published May 21, 2025

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local...
Moderate | Unreviewed | CVE-2025-3908 was published May 19, 2025

Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine...
High | Unreviewed | CVE-2025-4211 was published May 16, 2025

Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver...
High | Unreviewed | CVE-2025-20003 was published May 13, 2025

Improper link resolution before file access ('link following') in Microsoft PC Manager allows an...
High | Unreviewed | CVE-2025-29975 was published May 13, 2025

Improper link resolution before file access ('link following') in Windows Installer allows an...
Moderate | Unreviewed | CVE-2025-29837 was published May 13, 2025

Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's...
High | Unreviewed | CVE-2025-1079 was published May 12, 2025