Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

3,325 advisories

Loading
actions-mkdocs: Command Injection via issue title in internal GitHub Actions workflow Moderate
GHSA-6p2j-742g-835f was published for Tiryoh/actions-mkdocs (GitHub Actions) Apr 4, 2026
choseogyeong Credited to choseogyeong
Improper neutralization of special elements in the authentication components in Amazon Athena... High Unreviewed
CVE-2026-35558 was published Apr 3, 2026
Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through... Critical Unreviewed
CVE-2026-5463 was published Apr 3, 2026
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the... Moderate Unreviewed
CVE-2026-5352 was published Apr 2, 2026
A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2026-5354 was published Apr 2, 2026
A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the... Moderate Unreviewed
CVE-2026-5355 was published Apr 2, 2026
A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function ping_test of... Moderate Unreviewed
CVE-2026-5353 was published Apr 2, 2026
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function... Moderate Unreviewed
CVE-2026-5351 was published Apr 2, 2026
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated,... Moderate Unreviewed
CVE-2026-20096 was published Apr 1, 2026
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated,... Moderate Unreviewed
CVE-2026-20095 was published Apr 1, 2026
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated,... High Unreviewed
CVE-2026-20094 was published Apr 1, 2026
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3... Critical Unreviewed
CVE-2024-43028 was published Apr 1, 2026
In its design for automatic terminal command execution, Sixth offers two options: Execute safe... Critical Unreviewed
CVE-2026-30310 was published Mar 31, 2026
A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac... Moderate Unreviewed
CVE-2026-5153 was published Mar 31, 2026
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability... Moderate Unreviewed
CVE-2026-5125 was published Mar 30, 2026
MLflow Command Injection vulnerability Critical
CVE-2025-15379 was published for mlflow (pip) Mar 30, 2026
drhreddy Credited to drhreddy
A vulnerability was detected in Totolink A3300R 17.0.0cu.557_b20221024. The affected element is... Moderate Unreviewed
CVE-2026-5105 was published Mar 30, 2026
A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. This issue affects the... Moderate Unreviewed
CVE-2026-5103 was published Mar 30, 2026
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is... Moderate Unreviewed
CVE-2026-5104 was published Mar 30, 2026
wenxian: Command Injection in GitHub Actions Workflow via `issue_comment.body` Critical
CVE-2026-34243 was published for njzjz/wenxian (GitHub Actions) Mar 29, 2026
choseogyeong Credited to choseogyeong
A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the... Moderate Unreviewed
CVE-2026-5030 was published Mar 29, 2026
A vulnerability has been found in DeDeveloper23 codebase-mcp up to... Moderate Unreviewed
CVE-2026-5023 was published Mar 29, 2026
A vulnerability was detected in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is... Moderate Unreviewed
CVE-2026-5020 was published Mar 29, 2026
A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of... Moderate Unreviewed
CVE-2026-5012 was published Mar 28, 2026
A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function... Moderate Unreviewed
CVE-2026-5007 was published Mar 28, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database