Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,049 advisories

Loading
Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool Critical
CVE-2025-67511 was published for cai-framework (pip) Dec 9, 2025
edoardottt
Credited to edoardottt
Improper neutralization of special elements used in a command ('command injection') in Copilot... High Unreviewed
CVE-2025-64671 was published Dec 9, 2025
Improper neutralization of special elements used in a command ('command injection') in Windows... High Unreviewed
CVE-2025-54100 was published Dec 9, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... High Unreviewed
CVE-2025-40937 was published Dec 9, 2025
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Due to... High Unreviewed
CVE-2024-56837 was published Dec 9, 2025
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). During... High Unreviewed
CVE-2024-56836 was published Dec 9, 2025
Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated... Moderate Unreviewed
CVE-2025-65363 was published Dec 8, 2025
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the... Moderate Unreviewed
CVE-2025-14225 was published Dec 8, 2025
A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the... Moderate Unreviewed
CVE-2025-14204 was published Dec 8, 2025
nitro-tpm-pcr-compute may allow kernel command line modification by an account operator Moderate
GHSA-xrv8-2pf5-f3q7 was published for nitro-tpm-pcr-compute (Rust) Dec 5, 2025
agraf mariusknaust
Credited to agraf and mariusknaust
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990... Moderate Unreviewed
CVE-2025-14093 was published Dec 5, 2025
A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function... Moderate Unreviewed
CVE-2025-14094 was published Dec 5, 2025
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local... Moderate Unreviewed
CVE-2025-64052 was published Dec 5, 2025
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the... Moderate Unreviewed
CVE-2025-14092 was published Dec 5, 2025
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non... Moderate Unreviewed
CVE-2025-1910 was published Dec 5, 2025
mcp-server-kubernetes has potential security issue in exec_in_pod tool Moderate
CVE-2025-66404 was published for mcp-server-kubernetes (npm) Dec 3, 2025
lavenderlilly
Credited to lavenderlilly
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an... High Unreviewed
CVE-2025-57198 was published Dec 3, 2025
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an... High Unreviewed
CVE-2025-57199 was published Dec 3, 2025
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an... High Unreviewed
CVE-2025-57201 was published Dec 3, 2025
Claude Code Command Validation Bypass Allows Arbitrary Code Execution High
CVE-2025-66032 was published for @anthropic-ai/claude-code (npm) Dec 3, 2025
Ry0taK
Credited to Ry0taK
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an... Moderate Unreviewed
CVE-2025-57200 was published Dec 3, 2025
FeehiCMS Has a Remote Code Execution via Unrestricted File Upload in Ad Management Moderate
CVE-2025-65657 was published for feehi/cms (Composer) Dec 2, 2025
A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the... Critical Unreviewed
CVE-2025-60854 was published Dec 2, 2025
willitmerge has a Command Injection vulnerability Moderate
CVE-2025-66219 was published for willitmerge (npm) Nov 26, 2025
lirantal
Credited to lirantal
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers... Moderate Unreviewed
CVE-2025-63674 was published Nov 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database