GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,945
Composer 5,455
Erlang 46
GitHub Actions 48
Go 3,343
Maven 6,345
npm 5,392
NuGet 881
pip 4,550
Pub 12
RubyGems 1,013
Rust 1,203
Swift 51

Unreviewed advisories

All unreviewed 295,552

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,483 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing... Critical Unreviewed

CVE-2026-32987 was published Mar 29, 2026

OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate... Critical Unreviewed

CVE-2026-32922 was published Mar 29, 2026

OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status... Critical Unreviewed

CVE-2026-32918 was published Mar 29, 2026

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf... Critical Unreviewed

CVE-2026-32915 was published Mar 29, 2026

OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals... Critical Unreviewed

CVE-2026-32978 was published Mar 29, 2026

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows... Critical Unreviewed

CVE-2017-20229 was published Mar 28, 2026

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers... Critical Unreviewed

CVE-2017-20225 was published Mar 28, 2026

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability... Critical Unreviewed

CVE-2017-20227 was published Mar 28, 2026

Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute... Critical Unreviewed

CVE-2018-25220 was published Mar 28, 2026

EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows... Critical Unreviewed

CVE-2018-25221 was published Mar 28, 2026

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers... Critical Unreviewed

CVE-2018-25223 was published Mar 28, 2026

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows... Critical Unreviewed

CVE-2016-20049 was published Mar 28, 2026

thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter... Critical Unreviewed

CVE-2026-26833 was published Mar 25, 2026

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset... Critical Unreviewed

CVE-2026-30458 was published Mar 26, 2026

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to... Critical Unreviewed

CVE-2026-30457 was published Mar 26, 2026

An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to... Critical Unreviewed

CVE-2025-70888 was published Mar 25, 2026

textract through 2.5.0 is vulnerable to OS Command Injection via the file path parameter in... Critical Unreviewed

CVE-2026-26831 was published Mar 25, 2026

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the... Critical Unreviewed

CVE-2026-30530 was published Mar 27, 2026

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability,... Critical Unreviewed

CVE-2026-30303 was published Mar 27, 2026

In its design for automatic terminal command execution, AI Code offers two options: Execute safe... Critical Unreviewed

CVE-2026-30304 was published Mar 27, 2026

The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability... Critical Unreviewed

CVE-2026-30302 was published Mar 27, 2026

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the... Critical Unreviewed

CVE-2026-30532 was published Mar 27, 2026

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the... Critical Unreviewed

CVE-2026-30533 was published Mar 27, 2026

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege... Critical Unreviewed

CVE-2026-24968 was published Mar 25, 2026

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote... Critical Unreviewed

CVE-2026-27876 was published Mar 27, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,483 advisories