GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,549
Maven: 5,000+
npm: 5,000+
NuGet: 917
pip: 4,798
Pub: 13
RubyGems: 1,038
Rust: 1,237
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
3,415 advisories
An example of BashOperator in Airflow documentation suggested a way of passing dag_run.conf in...
Severity: Unknown | Unreviewed | CVE-2026-30898 was published Apr 18, 2026

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that...
Severity: High | Unreviewed | CVE-2026-35682 was published Apr 17, 2026

A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver...
Severity: Unknown | Unreviewed | CVE-2026-21709 was published Apr 17, 2026

In JetBrains Junie before 252.549.29 command execution was possible via malicious project file
Severity: Moderate | Unreviewed | CVE-2026-41153 was published Apr 17, 2026

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function...
Severity: High | Unreviewed | CVE-2026-6483 was published Apr 17, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Severity: Moderate | Unreviewed | CVE-2026-23779 was published Apr 17, 2026

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release...
Severity: High | Unreviewed | CVE-2026-23778 was published Apr 17, 2026

Paperclip: Malicious skills able to exfiltrate and destroy all user data
Severity: High | GHSA-w8hx-hqjv-vjcq was published for @paperclipai/server (npm) Apr 16, 2026

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to...
Severity: Critical | Unreviewed | CVE-2026-20147 was published Apr 15, 2026

A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote...
Severity: Critical | Unreviewed | CVE-2026-20186 was published Apr 15, 2026

LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server...
Severity: High | Unreviewed | CVE-2026-30617 was published Apr 15, 2026

Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers...
Severity: High | Unreviewed | CVE-2026-30624 was published Apr 15, 2026

A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute...
Severity: High | Unreviewed | CVE-2026-30615 was published Apr 15, 2026

Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution...
Severity: High | Unreviewed | CVE-2026-30616 was published Apr 15, 2026

Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution...
Severity: High | Unreviewed | CVE-2026-30461 was published Apr 15, 2026

Upsonic: remote code execution vulnerability in its MCP server/task creation functionality
Severity: Critical | CVE-2026-30625 was published for upsonic (pip) Apr 15, 2026

NietThijmen ShoppingCart: Command injection in the connect function
Severity: High | CVE-2024-53412 was published for github.com/NietThijmen/ShoppingCart (Go) Apr 15, 2026

Improper neutralization of special elements used in a command ('command injection') in Windows...
Severity: High | Unreviewed | CVE-2026-32183 was published Apr 14, 2026

Improper neutralization of special elements used in a command ('command injection') in GitHub...
Severity: Moderate | Unreviewed | CVE-2026-23653 was published Apr 14, 2026

Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be...
Severity: High | Unreviewed | CVE-2026-4786 was published Apr 14, 2026

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by...
Severity: High | Unreviewed | CVE-2026-6195 was published Apr 13, 2026

A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function...
Severity: Moderate | Unreviewed | CVE-2026-6158 was published Apr 13, 2026

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the...
Severity: High | Unreviewed | CVE-2026-6155 was published Apr 13, 2026

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects...
Severity: High | Unreviewed | CVE-2026-6156 was published Apr 13, 2026

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected...
Severity: High | Unreviewed | CVE-2026-6154 was published Apr 13, 2026

ProTip! Advisories are also available from the GraphQL API