GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,549
Maven: 5,000+
npm: 5,000+
NuGet: 917
pip: 4,798
Pub: 13
RubyGems: 1,038
Rust: 1,237
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
3,419 advisories
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver...
Moderate
Unreviewed
CVE-2026-21709 was published Apr 17, 2026
An example of BashOperator in Airflow documentation suggested a way of passing dag_run.conf in...
High
Unreviewed
CVE-2026-30898 was published Apr 18, 2026
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows...
High
Unreviewed
CVE-2026-3517 was published Apr 20, 2026
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows...
High
Unreviewed
CVE-2026-3519 was published Apr 20, 2026
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows...
High
Unreviewed
CVE-2026-3518 was published Apr 20, 2026
OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an...
High
Unreviewed
CVE-2026-4048 was published Apr 20, 2026
Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that...
High
Unreviewed
CVE-2026-35682 was published Apr 17, 2026
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise...
High
Unreviewed
CVE-2026-3854 was published Mar 10, 2026
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file
Moderate
Unreviewed
CVE-2026-41153 was published Apr 17, 2026
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function...
High
Unreviewed
CVE-2026-6483 was published Apr 17, 2026
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Moderate
Unreviewed
CVE-2026-23779 was published Apr 17, 2026
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
High
Unreviewed
CVE-2026-23778 was published Apr 17, 2026
Paperclip: Malicious skills able to exfiltrate and destroy all user data
High
GHSA-w8hx-hqjv-vjcq was published for @paperclipai/server (npm) Apr 16, 2026
Upsonic: remote code execution vulnerability in its MCP server/task creation functionality
Critical
CVE-2026-30625 was published for upsonic (pip) Apr 15, 2026
NietThijmen ShoppingCart: Command injection in the connect function
High
CVE-2024-53412 was published for github.com/NietThijmen/ShoppingCart (Go) Apr 15, 2026
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution ...
High
Unreviewed
CVE-2026-30461 was published Apr 15, 2026
LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server...
High
Unreviewed
CVE-2026-30617 was published Apr 15, 2026
Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers...
High
Unreviewed
CVE-2026-30624 was published Apr 15, 2026
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote...
Critical
Unreviewed
CVE-2026-20186 was published Apr 15, 2026
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2026-20147 was published Apr 15, 2026
A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute...
High
Unreviewed
CVE-2026-30615 was published Apr 15, 2026
Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution...
High
Unreviewed
CVE-2026-30616 was published Apr 15, 2026
Improper neutralization of special elements used in a command ('command injection') in Windows...
High
Unreviewed
CVE-2026-32183 was published Apr 14, 2026
Improper neutralization of special elements used in a command ('command injection') in GitHub...
Moderate
Unreviewed
CVE-2026-23653 was published Apr 14, 2026
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Critical
Unreviewed
CVE-2026-31170 was published Apr 9, 2026
ProTip! Advisories are also available from the GraphQL API