GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
439 advisories
OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to...
Moderate | Unreviewed | CVE-2026-41360 was published Apr 24, 2026

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file...
Moderate | Unreviewed | CVE-2026-41338 was published Apr 24, 2026

OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call...
Moderate | Unreviewed | CVE-2026-41337 was published Apr 24, 2026

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils...
Moderate | Unreviewed | CVE-2026-35376 was published Apr 22, 2026

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils...
Moderate | Unreviewed | CVE-2026-35374 was published Apr 22, 2026

A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils...
High | Unreviewed | CVE-2026-35352 was published Apr 22, 2026

The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by...
Low | Unreviewed | CVE-2026-35353 was published Apr 22, 2026

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU)...
Moderate | Unreviewed | CVE-2026-35355 was published Apr 22, 2026

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the install utility of uutils...
Moderate | Unreviewed | CVE-2026-35356 was published Apr 22, 2026

The safe_traversal module in uutils coreutils, which provides protection against Time-of-Check to...
Low | Unreviewed | CVE-2026-35362 was published Apr 22, 2026

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils...
Moderate | Unreviewed | CVE-2026-35354 was published Apr 22, 2026

A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mv utility of uutils...
Moderate | Unreviewed | CVE-2026-35364 was published Apr 22, 2026

The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU)...
Moderate | Unreviewed | CVE-2026-35360 was published Apr 22, 2026

The cp utility in uutils coreutils is vulnerable to an information disclosure race condition....
Moderate | Unreviewed | CVE-2026-35357 was published Apr 22, 2026

When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function...
Low | Unreviewed | CVE-2026-5958 was published Apr 20, 2026

Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2...
Moderate | Unreviewed | CVE-2026-3590 was published Apr 17, 2026

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member...
Moderate | Unreviewed | CVE-2026-3428 was published Apr 16, 2026

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub...
Moderate | Unreviewed | CVE-2026-1880 was published Apr 16, 2026

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker...
High | Unreviewed | CVE-2026-27929 was published Apr 14, 2026

A Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability in Balena Etcher for Windows...
High | Unreviewed | CVE-2026-30332 was published Apr 2, 2026

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs-bridge staged...
Moderate | Unreviewed | CVE-2026-32988 was published Mar 31, 2026

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until...
High | Unreviewed | CVE-2026-23554 was published Mar 23, 2026

OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that...
Moderate | Unreviewed | CVE-2026-27670 was published Mar 19, 2026

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference...
Moderate | Unreviewed | CVE-2025-22850 was published Mar 11, 2026

Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference...
High | Unreviewed | CVE-2025-20028 was published Mar 11, 2026
ProTip! Advisories are also available from the GraphQL API