GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
14,945 advisories
snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file.
Low | Unreviewed | CVE-2026-39199 was published Jun 17, 2026
Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special...
Low | Unreviewed | CVE-2026-35068 was published Jun 17, 2026
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a...
Low | Unreviewed | CVE-2026-12458 was published Jun 17, 2026
In Contacts Provider, there is a possible way to access an incoming call's phone number and...
Low | Unreviewed | CVE-2026-0057 was published Jun 17, 2026
HCL iControl was affected by Inadequate Session Timeout vulnerability. The vulnerability involves...
Low | Unreviewed | CVE-2025-62340 was published Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA...
Low | Unreviewed | CVE-2026-46977 was published Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low | Unreviewed | CVE-2026-46874 was published Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA...
Low | Unreviewed | CVE-2026-46816 was published Jun 17, 2026
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA...
Low | Unreviewed | CVE-2026-46815 was published Jun 17, 2026
Pi Agent: Race condition in Pi auth.json writes could expose stored credentials
Low | CVE-2026-54327 was published for @earendil-works/pi-coding-agent (npm) Jun 17, 2026
Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass
Low | CVE-2026-54326 was published for @earendil-works/pi-coding-agent (npm) Jun 16, 2026
Cross-site scripting via <NoScript> slot content in Nuxt's head components
Low | GHSA-m3q2-p4fw-w38m was published for nuxt (npm) Jun 16, 2026
In keymint, there is a possible Permission Bypass due to a logic error in the code. This could...
Low | Unreviewed | CVE-2026-0145 was published Jun 16, 2026
In Camera, there is a possible unauthorized way to access photos due to a missing permission...
Low | Unreviewed | CVE-2026-0158 was published Jun 16, 2026
OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with...
Low | Unreviewed | CVE-2026-53862 was published Jun 16, 2026
OpenClaw before 2026.5.7 contains a sender policy bypass vulnerability in BlueBubbles that allows...
Low | Unreviewed | CVE-2026-53860 was published Jun 16, 2026
In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory...
Low | Unreviewed | CVE-2026-0134 was published Jun 16, 2026
In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could...
Low | Unreviewed | CVE-2026-0129 was published Jun 16, 2026
In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer...
Low | Unreviewed | CVE-2026-0130 was published Jun 16, 2026
In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds read due to improper input...
Low | Unreviewed | CVE-2026-0142 was published Jun 16, 2026
OpenClaw before 2026.4.25 contains a scope containment bypass vulnerability in device re-pairing...
Low | Unreviewed | CVE-2026-53852 was published Jun 16, 2026
OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated...
Low | Unreviewed | CVE-2026-53848 was published Jun 16, 2026
OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through...
Low | Unreviewed | CVE-2026-53845 was published Jun 16, 2026
OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML...
Low | Unreviewed | CVE-2026-53841 was published Jun 16, 2026
Bleach: URI sanitization allows disallowed URI schemes with Unicode > U+00A0 in output
Low | GHSA-8rfp-98v4-mmr6 was published for bleach (pip) Jun 16, 2026
ProTip! Advisories are also available from the GraphQL API