GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
20 advisories
Filter by severity
motionEye Partial Authentication Bypass: Unauthenticated Admin Credential Theft via Path Traversal
Critical
GHSA-phv5-334h-mxcw
was published
for
motioneye
(pip)
Jun 23, 2026
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
Critical
Unreviewed
CVE-2026-52703
was published
Jun 15, 2026
SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft...
Critical
Unreviewed
CVE-2026-40128
was published
Jun 9, 2026
SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability
Critical
CVE-2026-7302
was published
for
sglang
(pip)
May 18, 2026
A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing...
Critical
Unreviewed
CVE-2026-6074
was published
Apr 23, 2026
Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services...
Critical
Unreviewed
CVE-2025-59793
was published
Feb 17, 2026
survey-pdf Upgraded jsPDF Version Due to Security Vulnerability
Critical
CVE-2026-25630
was published
for
survey-pdf
(npm)
Feb 4, 2026
jsPDF has Local File Inclusion/Path Traversal vulnerability
Critical
CVE-2025-68428
was published
for
jspdf
(npm)
Jan 5, 2026
Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local...
Critical
Unreviewed
CVE-2025-39467
was published
Nov 6, 2025
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated...
Critical
Unreviewed
CVE-2025-41723
was published
Oct 22, 2025
SAP Print Service (SAPSprint) performs insufficient validation of path information provided by...
Critical
Unreviewed
CVE-2025-42937
was published
Oct 14, 2025
DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability
Critical
Unreviewed
CVE-2025-53417
was published
Aug 5, 2025
CyberData 011209 Intercom
could allow an authenticated attacker to upload arbitrary files to...
Critical
Unreviewed
CVE-2025-30515
was published
Jun 10, 2025
Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve...
Critical
Unreviewed
CVE-2025-5598
was published
Jun 4, 2025
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue...
Critical
Unreviewed
CVE-2024-56045
was published
Dec 31, 2024
ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of...
Critical
Unreviewed
CVE-2024-21575
was published
Dec 12, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
**UNSUPPORTED WHEN ASSIGNED** Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1...
Critical
Unreviewed
CVE-2024-40505
was published
Jul 16, 2024
NLnet Labs’ Routinator vulnerable to path traversal
Critical
CVE-2023-39916
was published
for
routinator
(Rust)
Sep 13, 2023
ProTip!
Advisories are also available from the
GraphQL API