Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,022
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,403
Swift
61
Unreviewed advisories
All unreviewed
5,000+

171 advisories

Loading
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions. Critical Unreviewed
CVE-2026-52703 was published Jun 15, 2026
Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions. High Unreviewed
CVE-2026-49112 was published Jun 15, 2026
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions. High Unreviewed
CVE-2026-42661 was published Jun 15, 2026
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service... Moderate Unreviewed
CVE-2026-24315 was published Jun 9, 2026
SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft... Critical Unreviewed
CVE-2026-40128 was published Jun 9, 2026
`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently ... High Unreviewed
CVE-2026-44933 was published May 20, 2026
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability High Unreviewed
CVE-2026-45495 was published May 18, 2026
SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability Critical
CVE-2026-7302 was published for sglang (pip) May 18, 2026
When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may... High Unreviewed
CVE-2026-42930 was published May 13, 2026
When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed... Moderate Unreviewed
CVE-2026-24464 was published May 13, 2026
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal... Moderate Unreviewed
CVE-2026-0804 was published May 12, 2026
Rancher Extensions have arbitrary file access via path traversal High
CVE-2026-25705 was published for github.com/rancher/rancher (Go) May 7, 2026
KoreaSecurity Credited to KoreaSecurity and Proscan-one Proscan-one Proscan-one
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an... High Unreviewed
CVE-2026-20034 was published May 6, 2026
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with... Moderate Unreviewed
CVE-2026-0205 was published Apr 29, 2026
Heimdall has an authorization bypass via path normalization mismatch High
CVE-2026-42274 was published for github.com/dadrus/heimdall (Go) Apr 25, 2026
A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing... Critical Unreviewed
CVE-2026-6074 was published Apr 23, 2026
PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged... Moderate Unreviewed
CVE-2026-28265 was published Apr 1, 2026
Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file... High Unreviewed
CVE-2026-25397 was published Mar 25, 2026
Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path... Moderate Unreviewed
CVE-2026-32415 was published Mar 13, 2026
Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2026-26124 was published Mar 6, 2026
Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer... Moderate Unreviewed
CVE-2025-69325 was published Feb 20, 2026
Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services... Critical Unreviewed
CVE-2025-59793 was published Feb 17, 2026
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and... Moderate Unreviewed
CVE-2026-1763 was published Feb 10, 2026
survey-pdf Upgraded jsPDF Version Due to Security Vulnerability Critical
CVE-2026-25630 was published for survey-pdf (npm) Feb 4, 2026
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with... Moderate Unreviewed
CVE-2025-58380 was published Feb 3, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database