GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
626 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
sctp: revalidate list cursor...
High
Unreviewed
CVE-2026-46227
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix node_cnt race...
Moderate
Unreviewed
CVE-2026-46194
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix...
Moderate
Unreviewed
CVE-2026-46159
was published
May 28, 2026
Keycloak has a Time-of-check Time-of-use (TOCTOU) Race Condition
Moderate
CVE-2026-9796
was published
for
org.keycloak:keycloak-server
(Maven)
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
bpf: Require frozen map for...
Moderate
Unreviewed
CVE-2026-45927
was published
May 27, 2026
Pterodactyl has a database resource limit bypass via race condition in Client API
Low
CVE-2026-35202
was published
for
pterodactyl/panel
(Composer)
May 26, 2026
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time...
High
Unreviewed
CVE-2026-24191
was published
May 26, 2026
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker...
High
Unreviewed
CVE-2026-45208
was published
May 21, 2026
A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service...
High
Unreviewed
CVE-2025-71215
was published
May 21, 2026
A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism...
High
Unreviewed
CVE-2025-71216
was published
May 21, 2026
A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through...
Low
Unreviewed
CVE-2026-7837
was published
May 21, 2026
Undefined behavior may result due to a race condition leading to a use-after-free violation. If...
High
Unreviewed
CVE-2026-5947
was published
May 20, 2026
Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in...
High
Unreviewed
CVE-2026-29518
was published
May 20, 2026
Diffusers: TOCTOU Trust Remote Code Bypass
High
CVE-2026-45804
was published
for
diffusers
(pip)
May 20, 2026
Docker: Race condition in docker cp allows bind mount redirection to host path
High
CVE-2026-42306
was published
for
github.com/docker/docker
(Go)
May 18, 2026
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
Moderate
CVE-2026-41568
was published
for
github.com/docker/docker
(Go)
May 18, 2026
AVideo CVE-2026-43884 incomplete fix - six (or more) `isSSRFSafeURL()` call sites still discard the `$resolvedIP` out-param at master HEAD post-`603e7bf`
Moderate
CVE-2026-45619
was published
for
WWBN/AVideo
(Composer)
May 15, 2026
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
High
Unreviewed
CVE-2026-41702
was published
May 15, 2026
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent...
Low
Unreviewed
CVE-2025-52532
was published
May 15, 2026
A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load...
Low
Unreviewed
CVE-2022-23826
was published
May 15, 2026
csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU...
Moderate
Unreviewed
CVE-2026-41051
was published
May 13, 2026
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate...
High
Unreviewed
CVE-2026-35418
was published
May 12, 2026
Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU...
High
Unreviewed
CVE-2026-34354
was published
May 8, 2026
n8n-mcp webhook and API client paths has an authenticated SSRF
High
CVE-2026-44694
was published
for
n8n-mcp
(npm)
May 8, 2026
Due to multiple time-of-check time-of-use race conditions in the resource count check and...
Moderate
Unreviewed
CVE-2025-69233
was published
May 8, 2026
ProTip!
Advisories are also available from the
GraphQL API