GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,457 advisories
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local...
High | Unreviewed | CVE-2026-0539 was published Apr 22, 2026
HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration...
High | Unreviewed | CVE-2026-6823 was published Apr 21, 2026
HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including ...
High | Unreviewed | CVE-2026-6819 was published Apr 21, 2026
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation...
High | Unreviewed | CVE-2026-39454 was published Apr 20, 2026
Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration...
High | Unreviewed | CVE-2026-30811 was published Apr 13, 2026
Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers...
Moderate | Unreviewed | CVE-2026-21013 was published Apr 13, 2026
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability...
High | Unreviewed | CVE-2026-25203 was published Apr 10, 2026
A container privilege escalation flaw was found in certain Web Terminal images. This issue stems...
Moderate | Unreviewed | CVE-2025-57853 was published Apr 8, 2026
A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images...
Moderate | Unreviewed | CVE-2025-57854 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Red Hat Process Automation Manager...
Moderate | Unreviewed | CVE-2025-58713 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Ansible Automation Platform images....
Moderate | Unreviewed | CVE-2025-57847 was published Apr 8, 2026
A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes...
Moderate | Unreviewed | CVE-2025-57851 was published Apr 8, 2026
openclaw-claude-bridge: sandbox is not effective - `--allowed-tools ""` does not restrict available tools
Moderate | CVE-2026-39398 was published for openclaw-claude-bridge (npm) Apr 8, 2026
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows...
Moderate | Unreviewed | CVE-2025-7024 was published Apr 3, 2026
HCL BigFix Platform is affected by insecure permissions on private cryptographic keys. The...
High | Unreviewed | CVE-2026-21765 was published Apr 2, 2026
Claude SDK for Python has Insecure Default File Permissions in Local Filesystem Memory Tool
Moderate | CVE-2026-34450 was published for anthropic (pip) Apr 1, 2026
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper...
Moderate | Unreviewed | CVE-2025-15615 was published Mar 27, 2026
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper...
Moderate | Unreviewed | CVE-2026-32983 was published Mar 27, 2026
In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with...
Moderate | Unreviewed | CVE-2026-0748 was published Mar 27, 2026
The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation...
High | Unreviewed | CVE-2026-32680 was published Mar 26, 2026
When a plugin is installed using the Arturia Software Center (MacOS), it also installs an...
High | Unreviewed | CVE-2026-24063 was published Mar 18, 2026
Capgo CLI: symlink-following local secret writes enable arbitrary file overwrite + world-readable credentials (0600 missing)
High | GHSA-8mpm-q7mh-8fvh was published for @capgo/cli (npm) Mar 18, 2026
OpenClaw session transcript files were created without forced user-only permissions
Moderate | CVE-2026-33572 was published for openclaw (npm) Mar 16, 2026
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to...
Moderate | Unreviewed | CVE-2016-20029 was published Mar 16, 2026
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images...
Moderate | Unreviewed | CVE-2025-8766 was published Mar 13, 2026