GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
969 advisories
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2...
High | Unreviewed | CVE-2025-69784 was published Mar 16, 2026

IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to...
High | Unreviewed | CVE-2026-2713 was published Mar 10, 2026

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the...
Moderate | Unreviewed | CVE-2026-24317 was published Mar 10, 2026

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries ...
High | Unreviewed | CVE-2026-30896 was published Mar 9, 2026

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-28711 was published Mar 6, 2026

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2026-28712 was published Mar 6, 2026

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
High | Unreviewed | CVE-2025-11792 was published Mar 6, 2026

Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows
High | CVE-2025-15558 was published for github.com/docker/cli (Go) Mar 5, 2026

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1,...
Moderate | Unreviewed | CVE-2026-22270 was published Mar 4, 2026

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search...
High | Unreviewed | CVE-2026-24502 was published Mar 3, 2026

OpenClaw's hook transform module path allows traversal and arbitrary JavaScript module loading
High | CVE-2026-28393 was published for openclaw (npm) Mar 3, 2026

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL...
High | Unreviewed | CVE-2026-25191 was published Feb 26, 2026

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672...
Moderate | Unreviewed | CVE-2026-3091 was published Feb 24, 2026

Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path...
High | Unreviewed | CVE-2026-21420 was published Feb 23, 2026

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability...
High | Unreviewed | CVE-2026-2492 was published Feb 21, 2026

PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation...
High | Unreviewed | CVE-2026-2040 was published Feb 21, 2026

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration...
High | Unreviewed | CVE-2026-26099 was published Feb 20, 2026

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration...
High | Unreviewed | CVE-2026-26097 was published Feb 20, 2026

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration...
High | Unreviewed | CVE-2026-26098 was published Feb 20, 2026

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue...
High | Unreviewed | CVE-2026-26050 was published Feb 20, 2026

OpenClaw affected by potential code execution via unsafe hook module path handling in Gateway
High | CVE-2026-28456 was published for openclaw (npm) Feb 18, 2026

OpenClaw: Command hijacking via unsafe PATH handling (bootstrapping + node-host PATH overrides)
High | CVE-2026-29610 was published for openclaw (npm) Feb 18, 2026

A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege...
High | Unreviewed | CVE-2025-54519 was published Feb 12, 2026

The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which...
High | Unreviewed | CVE-2026-25676 was published Feb 12, 2026

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by...
High | Unreviewed | CVE-2026-2361 was published Feb 11, 2026