Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,143
Maven
5,000+
npm
5,000+
NuGet
840
pip
4,439
Pub
12
RubyGems
990
Rust
1,174
Swift
50
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed
CVE-2026-28721 was published Mar 6, 2026
Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed
CVE-2026-28722 was published Mar 6, 2026
OpenClaw browser navigation guard allowed non-network URL schemes, enabling authenticated browser-tool users to access file:// local files Moderate
GHSA-45cg-2683-gfmq was published for openclaw (npm) Mar 3, 2026
q1uf3ng Credited to q1uf3ng
In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a... High Unreviewed
CVE-2025-48654 was published Mar 2, 2026
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the... Low Unreviewed
CVE-2026-3404 was published Mar 2, 2026
A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done... Moderate Unreviewed
CVE-2026-2536 was published Feb 16, 2026
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2026-2074 was published Feb 7, 2026
A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted is the function initRCForm... Moderate Unreviewed
CVE-2026-1218 was published Jan 20, 2026
A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement... Moderate Unreviewed
CVE-2025-15251 was published Dec 30, 2025
External Control of File Name or Path in Langflow High
CVE-2025-68478 was published for langflow (pip) Dec 19, 2025
J1vvoo Credited to J1vvoo and im-soohyun im-soohyun im-soohyun
In multiple locations, there is a possible way to alter the primary user's face unlock settings... Moderate Unreviewed
CVE-2025-48598 was published Dec 8, 2025
A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function... Moderate Unreviewed
CVE-2025-13209 was published Nov 15, 2025
A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of... Moderate Unreviewed
CVE-2025-11341 was published Oct 6, 2025
A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11140 was published Sep 29, 2025
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of... Moderate Unreviewed
CVE-2025-11035 was published Sep 26, 2025
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-10816 was published Sep 23, 2025
A server-side request forgery security issue exists within Rockwell Automation ThinManager®... High Unreviewed
CVE-2025-9065 was published Sep 9, 2025
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-10091 was published Sep 8, 2025
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2025-10092 was published Sep 8, 2025
Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed
CVE-2025-48963 was published Aug 28, 2025
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user... Moderate Unreviewed
CVE-2025-26417 was published Aug 27, 2025
In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to... Moderate Unreviewed
CVE-2025-0082 was published Aug 27, 2025
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content... Moderate Unreviewed
CVE-2015-10142 was published Jul 25, 2025
A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This... Moderate Unreviewed
CVE-2025-7823 was published Jul 19, 2025
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed
CVE-2025-7824 was published Jul 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database