GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 57
GitHub Actions: 50
Go: 3,767
Maven: 5,000+
npm: 5,000+
NuGet: 937
pip: 4,999
Pub: 13
RubyGems: 1,058
Rust: 1,347
Swift: 54
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,399 advisories
An issue was discovered in Control Web Panel (CWP) before 0.9.8.1209. User input passed via the ...
High | Unreviewed | CVE-2025-67888 was published May 8, 2026
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr...
High | Unreviewed | CVE-2025-63705 was published May 7, 2026
OS command injection vulnerability in the management gui (maintenance utility) of Hitachi Virtual...
High | Unreviewed | CVE-2025-9661 was published May 7, 2026
The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and...
High | Unreviewed | CVE-2026-31195 was published May 5, 2026
The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG...
High | Unreviewed | CVE-2026-31196 was published May 5, 2026
Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had...
High | Unreviewed | CVE-2026-42994 was published May 1, 2026
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command...
High | Unreviewed | CVE-2026-7551 was published May 1, 2026
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume...
High | Unreviewed | CVE-2026-7461 was published Apr 30, 2026
Improper neutralization of special elements used in an OS command ('OS command injection')...
High | Unreviewed | CVE-2026-6849 was published Apr 29, 2026
Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed...
High | Unreviewed | CVE-2024-54012 was published Apr 28, 2026
A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP...
High | Unreviewed | CVE-2026-1460 was published Apr 28, 2026
A command injection vulnerability exists in the web server of specific firmware versions of...
High | Unreviewed | CVE-2026-32649 was published Apr 28, 2026
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may...
High | Unreviewed | CVE-2026-33277 was published Apr 27, 2026
IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could...
High | Unreviewed | CVE-2026-5935 was published Apr 23, 2026
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars...
High | Unreviewed | CVE-2026-40517 was published Apr 23, 2026
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise...
High | Unreviewed | CVE-2026-4821 was published Apr 22, 2026
FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the...
High | Unreviewed | CVE-2026-40520 was published Apr 21, 2026
This vulnerability exists in Quantum Networks router due to inadequate sanitization of user...
High | Unreviewed | CVE-2026-41036 was published Apr 21, 2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0...
High | Unreviewed | CVE-2026-24506 was published Apr 20, 2026
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0...
High | Unreviewed | CVE-2026-26943 was published Apr 20, 2026
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
High | Unreviewed | CVE-2026-23774 was published Apr 20, 2026
ThreatSonar Anti-Ransomware developed by TeamT5 has a Privilege Escalation vulnerability....
High | Unreviewed | CVE-2026-5967 was published Apr 20, 2026
radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj...
High | Unreviewed | CVE-2026-40527 was published Apr 17, 2026
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user...
High | Unreviewed | CVE-2026-21719 was published Apr 17, 2026
sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in...
High | Unreviewed | CVE-2026-41113 was published Apr 17, 2026
ProTip! Advisories are also available from the GraphQL API.