Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

13,275 advisories

Loading
A use of externally-controlled format string vulnerability has been reported to affect Qsync... Low Unreviewed
CVE-2025-30269 was published Feb 11, 2026
A command injection vulnerability has been reported to affect Media Streaming add-on. If an... Low Unreviewed
CVE-2024-56808 was published Feb 11, 2026
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an... Low Unreviewed
CVE-2024-56807 was published Feb 11, 2026
LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages Low
CVE-2026-26013 was published for langchain-core (pip) Feb 11, 2026
Finder16
Credited to Finder16
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.6.6,... Low Unreviewed
CVE-2025-14594 was published Feb 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18... Low Unreviewed
CVE-2025-14592 was published Feb 11, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18... Low Unreviewed
CVE-2026-1282 was published Feb 11, 2026
A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue... Low Unreviewed
CVE-2026-1762 was published Feb 10, 2026
Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading... Low Unreviewed
CVE-2021-26410 was published Feb 10, 2026
Missing Checks in certain functions related to RMP initialization can allow a local admin... Low Unreviewed
CVE-2025-48509 was published Feb 10, 2026
Improper handling of error condition during host-induced faults can allow a local high-privileged... Low Unreviewed
CVE-2025-0029 was published Feb 10, 2026
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Low Unreviewed
CVE-2026-21249 was published Feb 10, 2026
Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User... Low Unreviewed
CVE-2025-33030 was published Feb 10, 2026
Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS... Low Unreviewed
CVE-2025-32739 was published Feb 10, 2026
Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an... Low Unreviewed
CVE-2025-31648 was published Feb 10, 2026
Improper initialization for some ESXi kernel mode driver for the Intel(R) Ethernet 800-Series... Low Unreviewed
CVE-2025-25058 was published Feb 10, 2026
Apache Shiro Affected by an Observable Timing Discrepancy Vulnerability Low
CVE-2026-23901 was published for org.apache.shiro:shiro-core (Maven) Feb 10, 2026
Due to improper memory management in SAP NetWeaver and ABAP Platform (Application Server ABAP),... Low Unreviewed
CVE-2026-24320 was published Feb 10, 2026
Due to a CRLF Injection vulnerability in SAP NetWeaver Application Server Java, an authenticated... Low Unreviewed
CVE-2026-23686 was published Feb 10, 2026
Bitcoinrb Vulnerable to Command injection via RPC Low
GHSA-q66h-m87m-j2q6 was published for bitcoinrb (RubyGems) Feb 10, 2026
Craft CMS Vulnerable to Stored XSS in Entry Types Name Low
CVE-2026-25491 was published for craftcms/cms (Composer) Feb 9, 2026
mHe4am
Credited to mHe4am
DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. ... Low Unreviewed
CVE-2025-7432 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... Low Unreviewed
CVE-2025-66606 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The... Low Unreviewed
CVE-2025-66604 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since... Low Unreviewed
CVE-2025-66605 was published Feb 9, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database