GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,503 advisories

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell (tmsh) arp...
High, Unreviewed: CVE-2026-42937 was published May 13, 2026

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell (tmsh)...
High, Unreviewed: CVE-2026-41959 was published May 13, 2026

An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an...
Moderate, Unreviewed: CVE-2026-42058 was published May 13, 2026

Incorrect permission assignment vulnerabilities exist in iControl REST and TMOS shell (tmsh)...
High, Unreviewed: CVE-2026-40462 was published May 13, 2026

A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an...
High, Unreviewed: CVE-2026-41217 was published May 13, 2026

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before...
Moderate, Unreviewed: CVE-2026-7431 was published May 12, 2026

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6...
High, Unreviewed: CVE-2026-8110 was published May 12, 2026

A configuration file on the local file system had improper input validation which could allow...
Moderate, Unreviewed: CVE-2026-1185 was published May 12, 2026

ACAP applications can gain elevated privileges due to improper input validation during the...
Moderate, Unreviewed: CVE-2026-0541 was published May 12, 2026

Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration...
Moderate, Unreviewed: CVE-2026-45222 was published May 11, 2026

@axonflow/openclaw fix introduces plugin cache and credential-file permission hardening
Moderate: GHSA-cqmh-pcgr-q42f was published for @axonflow/openclaw (npm) May 6, 2026

Incorrect permission assignment for a resource in the patch management component of the...
High, Unreviewed: CVE-2026-41288 was published May 6, 2026

Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique...
Low, Unreviewed: CVE-2026-6499 was published May 4, 2026

Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool
Moderate: CVE-2026-41686 was published for @anthropic-ai/sdk (npm) Apr 29, 2026

GNU nano creates the user’s ~/.local directory with overly permissive permissions when the...
Low, Unreviewed: CVE-2026-40556 was published Apr 28, 2026

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in...
Moderate, Unreviewed: CVE-2026-41366 was published Apr 28, 2026

uutils coreutils has an Incorrect Permission Assignment for Critical Resource
Low: CVE-2026-35367 was published for coreutils (Rust) Apr 22, 2026

uutils coreutils allows unauthorized modification of permissions on existing files
High: CVE-2026-35341 was published for coreutils (Rust) Apr 22, 2026

A flaw was found in nano. In environments with permissive umask settings, a local attacker can...
Low, Unreviewed: CVE-2026-6842 was published Apr 22, 2026

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows...
High, Unreviewed: CVE-2026-22676 was published Apr 15, 2026

Pyroscope Exposes Storage Secret
Critical: CVE-2025-41118 was published for github.com/grafana/pyroscope (Go) Apr 15, 2026

Cross-Tenant Legacy Correlation Disclosure and Deletion
Low, Unreviewed: CVE-2026-21727 was published Apr 15, 2026

Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1...
Moderate, Unreviewed: CVE-2026-21011 was published Apr 13, 2026

The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have...
Moderate, Unreviewed: CVE-2026-4482 was published Apr 10, 2026

OpenClaw: Feishu docx upload_file/upload_image Bypasses Workspace-Only Filesystem Policy (GHSA-qf48-qfv4-jjm9 Incomplete Fix)
Low: CVE-2026-41911 was published for openclaw (npm) Apr 9, 2026