GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,326 advisories
A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function...
Moderate • Unreviewed • CVE-2026-5007 was published Mar 28, 2026
Flannel has cross-node remote code execution via extension backend BackendData injection
High • CVE-2026-32241 was published for github.com/flannel-io/flannel (Go) Mar 27, 2026
OpenClaw: Arbitrary code execution via unvalidated WebView JavascriptInterface
High • GHSA-cxmw-p77q-wchg was published for openclaw (npm) Mar 26, 2026
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this...
High • Unreviewed • CVE-2026-4840 was published Mar 26, 2026
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function...
High • Unreviewed • CVE-2026-4627 was published Mar 24, 2026
A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected...
High • Unreviewed • CVE-2026-4611 was published Mar 24, 2026
DigitalOcean Droplet Agent: Command Injection via Metadata Service Endpoint
High • CVE-2026-24516 was published for github.com/digitalocean/droplet-agent (Go) Mar 23, 2026
A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of...
Moderate • Unreviewed • CVE-2026-4591 was published Mar 23, 2026
A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This...
High • Unreviewed • CVE-2026-4585 was published Mar 23, 2026
A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function...
High • Unreviewed • CVE-2026-4558 was published Mar 22, 2026
Duplicate Advisory: OpenClaw's system.run shell-wrapper positional argv carriers could execute hidden commands under misleading approval text
Moderate • GHSA-w6f4-3v35-qjhj was published for openclaw (npm) Mar 21, 2026 • withdrawn
A vulnerability was found in sigmade Git-MCP-Server up to...
Moderate • Unreviewed • CVE-2026-4496 was published Mar 20, 2026
A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is...
Moderate • Unreviewed • CVE-2026-4497 was published Mar 20, 2026
A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of...
Moderate • Unreviewed • CVE-2026-4499 was published Mar 20, 2026
A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to...
High • Unreviewed • CVE-2025-15607 was published Mar 20, 2026
A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the...
Moderate • Unreviewed • CVE-2026-4465 was published Mar 20, 2026
Improper neutralization of special elements used in a command ('command injection') in Microsoft...
Critical • Unreviewed • CVE-2026-32194 was published Mar 20, 2026
Improper neutralization of special elements used in a command ('command injection') in M365...
Moderate • Unreviewed • CVE-2026-24299 was published Mar 19, 2026
Improper neutralization of special elements used in a command ('command injection') in Microsoft...
Moderate • Unreviewed • CVE-2026-26136 was published Mar 19, 2026
A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a...
High • Unreviewed • CVE-2026-22317 was published Mar 18, 2026
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0...
High • Unreviewed • CVE-2025-14031 was published Mar 18, 2026
A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function...
Moderate • Unreviewed • CVE-2026-4253 was published Mar 16, 2026
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of...
High • Unreviewed • CVE-2026-23862 was published Mar 16, 2026
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS...
Moderate • Unreviewed • CVE-2026-4209 was published Mar 16, 2026
A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of...
Moderate • Unreviewed • CVE-2026-4228 was published Mar 16, 2026
ProTip! Advisories are also available from the GraphQL API.