GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
339 advisories
Filter by severity
repomix contains a local file inclusion vulnerability in the git clone endpoint that allows...
High
Unreviewed
CVE-2026-59703
was published
Jul 8, 2026
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of...
High
Unreviewed
CVE-2022-24138
was published
Jul 7, 2022
A CWE-269: Improper Privilege Management vulnerability exists in EnerlinÕX ComÕX versions prior...
Moderate
Unreviewed
CVE-2021-22769
was published
May 24, 2022
GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user...
High
Unreviewed
CVE-2025-66389
was published
Jun 22, 2026
Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+
cameras may allow a...
Critical
Unreviewed
CVE-2026-40624
was published
Jun 19, 2026
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a...
High
Unreviewed
CVE-2024-56462
was published
May 27, 2026
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
Files or directories accessible to external parties vulnerability in ABB T-MAC Plus.
This issue...
High
Unreviewed
CVE-2025-14771
was published
Jun 3, 2026
Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF)...
Moderate
Unreviewed
CVE-2026-40564
was published
May 26, 2026
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All...
High
Unreviewed
CVE-2024-12917
was published
Feb 24, 2025
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows...
High
Unreviewed
CVE-2023-1246
was published
Mar 10, 2023
The administrator account for the
Danelec MacGregor Voyage Data Recorder
web interface can...
Moderate
Unreviewed
CVE-2026-40425
was published
May 29, 2026
Files or directories accessible to external parties vulnerability in redis-server component in...
Moderate
Unreviewed
CVE-2024-11399
was published
May 27, 2026
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
Unknown
Unreviewed
CVE-2026-8704
was published
May 16, 2026
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion...
Critical
Unreviewed
CVE-2026-31216
was published
May 12, 2026
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion...
Critical
Unreviewed
CVE-2026-31215
was published
May 12, 2026
An authenticated attacker with the Resource Administrator or Administrator role can modify...
High
Unreviewed
CVE-2026-40631
was published
May 13, 2026
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource...
Moderate
Unreviewed
CVE-2026-42063
was published
May 13, 2026
Files or directories accessible to external parties in Microsoft Office Word allows an...
Moderate
Unreviewed
CVE-2026-35440
was published
May 12, 2026
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized...
Moderate
Unreviewed
CVE-2026-32185
was published
May 12, 2026
A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15...
High
Unreviewed
CVE-2026-39871
was published
May 11, 2026
Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0...
Moderate
Unreviewed
CVE-2025-66955
was published
Mar 12, 2026
The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly...
Moderate
Unreviewed
CVE-2026-5335
was published
May 4, 2026
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its...
High
Unreviewed
CVE-2025-7389
was published
Apr 14, 2026
ProTip!
Advisories are also available from the
GraphQL API