GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 40; GitHub Actions 38; Go 2,800; Maven 5,000+; npm 4,426; NuGet 773; pip 4,199; Pub 12; RubyGems 968; Rust 1,086; Swift 47
Unreviewed advisories: All unreviewed 5,000+
7,565 advisories

Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible...
Moderate · Unreviewed · CVE-2025-66051 was published Jan 9, 2026

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application...
High · Unreviewed · CVE-2025-69194 was published Jan 9, 2026

React Router has Path Traversal in File Session Storage
Critical · CVE-2025-61686 was published for @react-router/node (npm) Jan 8, 2026

picklescan has Arbitrary file read using `io.FileIO`
High · GHSA-9726-w42j-3qjr was published for picklescan (pip) Jan 8, 2026

The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in...
Moderate · Unreviewed · CVE-2019-25295 was published Jan 8, 2026

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure...
High · Unreviewed · CVE-2017-20212 was published Jan 8, 2026

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High · Unreviewed · CVE-2026-0669 was published Jan 7, 2026

The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate · Unreviewed · CVE-2025-14867 was published Jan 7, 2026

The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
High · Unreviewed · CVE-2025-13801 was published Jan 7, 2026

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows...
High · Unreviewed · CVE-2020-36909 was published Jan 6, 2026

MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download
Moderate · CVE-2026-21851 was published for monai (pip) Jan 6, 2026

The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file...
High · Unreviewed · CVE-2025-14997 was published Jan 6, 2026

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path...
Moderate · Unreviewed · CVE-2026-0604 was published Jan 6, 2026

AIOHTTP vulnerable to brute-force leak of internal static file path components
Low · CVE-2025-69226 was published for aiohttp (pip) Jan 5, 2026

Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read
High · CVE-2026-21857 was published for redaxo/source (Composer) Jan 5, 2026

A vulnerability was determined in cld378632668 JavaMall up to...
Moderate · Unreviewed · CVE-2025-15449 was published Jan 5, 2026

A security flaw has been discovered in yeqifu warehouse up to...
Moderate · Unreviewed · CVE-2026-0571 was published Jan 2, 2026

AdonisJS Path Traversal in Multipart File Handling
Critical · CVE-2026-21440 was published for @adonisjs/bodyparser (npm) Jan 2, 2026

An issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files...
High · Unreviewed · CVE-2025-67160 was published Jan 2, 2026

A path traversal vulnerability has been reported to affect several product versions. If a local...
Moderate · Unreviewed · CVE-2025-53594 was published Jan 2, 2026

A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Moderate · Unreviewed · CVE-2025-59380 was published Jan 2, 2026

A path traversal vulnerability has been reported to affect Qfiling. The remote attackers can then...
High · Unreviewed · CVE-2025-59384 was published Jan 2, 2026

A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Moderate · Unreviewed · CVE-2025-59381 was published Jan 2, 2026

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3...
Moderate · Unreviewed · CVE-2025-15432 was published Jan 2, 2026

ProTip! Advisories are also available from the GraphQL API