Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

8,513 advisories

Loading
A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior... High Unreviewed
CVE-2026-9789 was published May 28, 2026
Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs High
CVE-2026-47243 was published for github.com/kata-containers/kata-containers (Go) May 27, 2026
JulesDT Credited to JulesDT, sprt, fidencio, and stevenhorsman sprt sprt
fidencio fidencio stevenhorsman stevenhorsman
AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username Moderate
CVE-2026-45309 was published for asyncssh (pip) May 27, 2026
0xHunSec Credited to 0xHunSec
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers... High Unreviewed
CVE-2026-6957 was published May 27, 2026
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the... High Unreviewed
CVE-2026-48544 was published May 27, 2026
Agent Zero before version 1.15 contains a path traversal vulnerability that allows... High Unreviewed
CVE-2026-47118 was published May 27, 2026
IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation... Critical Unreviewed
CVE-2026-7524 was published May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed... Moderate Unreviewed
CVE-2026-9035 was published May 27, 2026
IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0... High Unreviewed
CVE-2026-3366 was published May 27, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2026-42757 was published May 27, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2026-42756 was published May 27, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2026-42737 was published May 27, 2026
When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is... Moderate Unreviewed
CVE-2026-41009 was published May 27, 2026
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2024-47267 was published May 27, 2026
tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape High
CVE-2026-44705 was published for tmp (npm) May 27, 2026
Gyde04 Credited to Gyde04 and MaanVader MaanVader MaanVader
Kirby CMS has pre-authentication path traversal and PHP file inclusion during user lookup High
CVE-2026-44177 was published for getkirby/cms (Composer) May 26, 2026
offset Credited to offset
An improper validation of the search parameter of the com_media files API endpoint leads to a... Moderate Unreviewed
CVE-2026-40384 was published May 26, 2026
An improper validation of user-supplied input leads to a local file inclusion vulnerability. High Unreviewed
CVE-2026-40383 was published May 26, 2026
A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and... Moderate Unreviewed
CVE-2026-9550 was published May 26, 2026
OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting... Moderate Unreviewed
CVE-2026-41917 was published May 26, 2026
A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a... Low Unreviewed
CVE-2026-9472 was published May 26, 2026
A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the... Low Unreviewed
CVE-2026-9473 was published May 26, 2026
A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function... Low Unreviewed
CVE-2026-9467 was published May 26, 2026
A security flaw has been discovered in dazeb cline-mcp-memory-bank up to... Low Unreviewed
CVE-2026-9468 was published May 26, 2026
Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that... High Unreviewed
CVE-2018-25374 was published May 26, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database