GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
626 advisories
Filter by severity
The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver...
High
Unreviewed
CVE-2022-26522
was published
May 8, 2026
Spring Cloud Config Server Susceptible To TOCTOU Attack
High
CVE-2026-41002
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
May 7, 2026
Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes
Moderate
CVE-2026-42592
was published
for
github.com/gotenberg/gotenberg/v8
(Go)
May 7, 2026
Duplicate Advisory: OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
Moderate
GHSA-6f72-9gxx-98mj
was published
for
openclaw
(npm)
May 6, 2026
•
withdrawn
Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Moderate
GHSA-frr5-j3mh-h9ch
was published
for
openclaw
(npm)
May 6, 2026
•
withdrawn
Duplicate Advisory: OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding
Moderate
GHSA-w7rc-vvgx-pj45
was published
for
openclaw
(npm)
May 6, 2026
•
withdrawn
A race condition exists in PaperCut MF when processing badge-swipe data from certain HP...
Moderate
Unreviewed
CVE-2026-6180
was published
May 5, 2026
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config...
High
Unreviewed
CVE-2026-7791
was published
May 5, 2026
OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Moderate
CVE-2026-44113
was published
for
openclaw
(npm)
May 4, 2026
OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
Moderate
CVE-2026-44112
was published
for
openclaw
(npm)
May 4, 2026
Memory corruption while creating a process on the digital signal processor due to allocation...
High
Unreviewed
CVE-2025-47407
was published
May 4, 2026
In the Linux kernel, the following vulnerability has been resolved:
xfs: close crash window in...
Moderate
Unreviewed
CVE-2026-43053
was published
May 1, 2026
In the Linux kernel, the following vulnerability has been resolved:
openvswitch: defer tunnel...
High
Unreviewed
CVE-2026-31678
was published
Apr 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
smb: client: make use of...
Moderate
Unreviewed
CVE-2026-31535
was published
Apr 24, 2026
OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to...
Moderate
Unreviewed
CVE-2026-41360
was published
Apr 24, 2026
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file...
Moderate
Unreviewed
CVE-2026-41338
was published
Apr 24, 2026
Duplicate Advisory: OpenClaw: Voice-call Plivo replay mutates in-process callback origin before replay rejection
Moderate
GHSA-cw28-63x4-37c3
was published
for
openclaw
(npm)
Apr 24, 2026
•
withdrawn
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Moderate
CVE-2026-35376
was published
for
coreutils
(Rust)
Apr 22, 2026
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Moderate
CVE-2026-35374
was published
for
coreutils
(Rust)
Apr 22, 2026
uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
High
CVE-2026-35352
was published
for
coreutils
(Rust)
Apr 22, 2026
Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Moderate
GHSA-m26v-hjq3-x245
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Moderate
GHSA-v24v-f45g-w7jf
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Low
GHSA-vf87-345h-9qhx
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Low
GHSA-ggc5-46rg-mr4v
was published
for
coreutils
(Rust)
Apr 22, 2026
•
withdrawn
uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Moderate
CVE-2026-35354
was published
for
coreutils
(Rust)
Apr 22, 2026
ProTip!
Advisories are also available from the
GraphQL API