GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
    All reviewed: 5,000+
    Composer: 5,000+
    Erlang: 40
    GitHub Actions: 38
    Go: 2,796
    Maven: 5,000+
    npm: 4,410
    NuGet: 772
    pip: 4,181
    Pub: 12
    RubyGems: 965
    Rust: 1,078
    Swift: 45
Unreviewed advisories
    All unreviewed: 5,000+
116,689 advisories
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the...
    High | Unreviewed | CVE-2026-21427 was published Jan 8, 2026
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure...
    High | Unreviewed | CVE-2017-20212 was published Jan 8, 2026
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated...
    High | Unreviewed | CVE-2017-20213 was published Jan 8, 2026
FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an authenticated OS command...
    High | Unreviewed | CVE-2017-20215 was published Jan 8, 2026
NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary...
    High | Unreviewed | CVE-2019-25268 was published Jan 8, 2026
devolo dLAN Cockpit 4.3.1 contains an unquoted service path vulnerability in the ...
    High | Unreviewed | CVE-2019-25231 was published Jan 8, 2026
SmartLiving SmartLAN <=6.x contains an authenticated remote command injection vulnerability in...
    High | Unreviewed | CVE-2019-25289 was published Jan 8, 2026
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size...
    High | Unreviewed | CVE-2025-13151 was published Jan 8, 2026
An unused function in MicroServer can start a reverse SSH connection to a vendor registered...
    High | Unreviewed | CVE-2025-61939 was published Jan 7, 2026
OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load contains a heap buffer underflow...
    High | Unreviewed | CVE-2026-22185 was published Jan 7, 2026
An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain...
    High | Unreviewed | CVE-2025-66620 was published Jan 7, 2026
MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which...
    High | Unreviewed | CVE-2025-64305 was published Jan 7, 2026
Preact has JSON VNode Injection issue
    High | CVE-2026-22028 was published for preact (npm) Jan 7, 2026
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
    High | CVE-2026-21441 was published for urllib3 (pip) Jan 7, 2026
pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"
    High | CVE-2025-69264 was published for pnpm (npm) Jan 7, 2026
pnpm Has Lockfile Integrity Bypass that Allows Remote Dynamic Dependencies
    High | CVE-2025-69263 was published for pnpm (npm) Jan 7, 2026
pnpm vulnerable to Command Injection via environment variable substitution
    High | CVE-2025-69262 was published for pnpm (npm) Jan 7, 2026
fast-filesystem-mcp version 3.4.0 contains a critical path traversal vulnerability in its file...
    High | Unreviewed | CVE-2025-67364 was published Jan 7, 2026
An attacker with the ability to interact through the network and with access credentials, could,...
    High | Unreviewed | CVE-2026-22535 was published Jan 7, 2026
An attacker with a network connection could detect credentials in clear text.
    High | Unreviewed | CVE-2026-22544 was published Jan 7, 2026
The absence of permissions control for the user XXX allows the current configuration in the...
    High | Unreviewed | CVE-2026-22536 was published Jan 7, 2026
Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP...
    High | Unreviewed | CVE-2025-4677 was published Jan 7, 2026
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
    High | Unreviewed | CVE-2026-0669 was published Jan 7, 2026
Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card...
    High | Unreviewed | CVE-2025-4675 was published Jan 7, 2026
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages....
    High | Unreviewed | CVE-2025-65805 was published Jan 7, 2026
ProTip! Advisories are also available from the GraphQL API.