Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
@whyour/qinglong: manipulation of the argument command leads to protection mechanism failure Low
CVE-2026-3965 was published for @whyour/qinglong (npm) Mar 12, 2026
OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode Low
GHSA-8mf7-vv8w-hjr2 was published for openclaw (npm) Mar 3, 2026
tdjackey Credited to tdjackey
Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing Low
CVE-2025-66479 was published for @anthropic-ai/sandbox-runtime (npm) Dec 4, 2025
@misskey-dev/summaly Redirect Filter Bypass Low
CVE-2025-46553 was published for @misskey-dev/summaly (npm) May 5, 2025
warriordog Credited to warriordog
Mattermost Desktop App fails to sufficiently configure Electron Fuses Low
CVE-2024-45835 was published for mattermost-desktop (npm) Sep 16, 2024
Mattermost Desktop App allows for bypassing TCC restrictions on macOS Low
CVE-2024-36287 was published for mattermost-desktop (npm) Jun 14, 2024
Context isolation bypass in Electron Low
CVE-2020-15215 was published for electron (npm) Oct 6, 2020
nornagon Credited to nornagon and MarshallOfSound MarshallOfSound MarshallOfSound
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database