GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,599
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,828
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
3,444 advisories
electerm has Command Injection via runLinux function
Critical | CVE-2026-41501 was published for electerm (npm) | Apr 24, 2026

Gemini CLI: Remote Code Execution via workspace trust and tool allowlisting bypasses
Critical | GHSA-wpqr-6v78-jr5g was published for @google/gemini-cli (GitHub Actions) | Apr 24, 2026

Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution
High | CVE-2026-40068 was published for @anthropic-ai/claude-code (npm) | Apr 24, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31173 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31169 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31162 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31163 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31168 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31166 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31167 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31160 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31172 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Critical | Unreviewed | CVE-2026-31175 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31159 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31165 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31171 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31164 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31174 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31176 was published | Apr 23, 2026

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to...
Moderate | Unreviewed | CVE-2026-31179 was published | Apr 23, 2026

Inspektor Gadget: Command Injection via malicious buildOptions manipulation
Moderate | CVE-2026-24905 was published for github.com/inspektor-gadget/inspektor-gadget (Go) | Apr 22, 2026

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the...
High | Unreviewed | CVE-2026-38834 was published | Apr 21, 2026

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the...
Critical | Unreviewed | CVE-2026-38835 was published | Apr 21, 2026

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows...
High | Unreviewed | CVE-2026-3519 was published | Apr 20, 2026

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows...
High | Unreviewed | CVE-2026-3518 was published | Apr 20, 2026

ProTip! Advisories are also available from the GraphQL API.