Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
2,989
Maven
5,000+
npm
4,699
NuGet
788
pip
4,328
Pub
12
RubyGems
987
Rust
1,133
Swift
49
Unreviewed advisories
All unreviewed
5,000+

950 advisories

Loading
OpenClaw: Command hijacking via unsafe PATH handling (bootstrapping + node-host PATH overrides) High
GHSA-jqpq-mgvm-f9r6 was published for openclaw (npm) Feb 18, 2026
akhmittra
Credited to akhmittra
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-54519 was published Feb 12, 2026
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which... High Unreviewed
CVE-2026-25676 was published Feb 12, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2361 was published Feb 11, 2026
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by... High Unreviewed
CVE-2026-2360 was published Feb 11, 2026
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege... High Unreviewed
CVE-2025-52541 was published Feb 11, 2026
A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve... High Unreviewed
CVE-2025-48503 was published Feb 11, 2026
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User... Moderate Unreviewed
CVE-2025-32452 was published Feb 10, 2026
Uncontrolled search path in some software installer for some VTune(TM) Profiler software and... Moderate Unreviewed
CVE-2025-20106 was published Feb 10, 2026
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected... High Unreviewed
CVE-2026-25655 was published Feb 10, 2026
A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) ... High Unreviewed
CVE-2026-25656 was published Feb 10, 2026
The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link... High Unreviewed
CVE-2026-24694 was published Feb 3, 2026
PsySH has Local Privilege Escalation via CWD .psysh.php auto-load Moderate
CVE-2026-25129 was published for psy/psysh (Composer) Jan 30, 2026
aqhmal
Credited to aqhmal
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be... Moderate Unreviewed
CVE-2025-13919 was published Jan 28, 2026
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which... Moderate Unreviewed
CVE-2026-21408 was published Jan 27, 2026
DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows... High Unreviewed
CVE-2025-30248 was published Jan 27, 2026
Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading... High Unreviewed
CVE-2025-71178 was published Jan 26, 2026
Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2026-0776 was published Jan 23, 2026
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in... High Unreviewed
CVE-2026-23755 was published Jan 21, 2026
The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely... High Unreviewed
CVE-2026-24016 was published Jan 21, 2026
NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading... Moderate Unreviewed
CVE-2025-33231 was published Jan 20, 2026
NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an... High Unreviewed
CVE-2025-33229 was published Jan 20, 2026
The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to... Critical Unreviewed
CVE-2025-65118 was published Jan 16, 2026
CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService... High Unreviewed
CVE-2022-50808 was published Jan 14, 2026
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the... High Unreviewed
CVE-2026-21427 was published Jan 8, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database