Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,624
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,989 advisories

Loading
Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in... Critical Unreviewed
CVE-2025-52046 was published Jul 17, 2025
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution ... High Unreviewed
CVE-2023-47356 was published Jul 17, 2025
Successful exploitation of the vulnerability could allow an attacker to execute arbitrary... High Unreviewed
CVE-2025-52690 was published Jul 16, 2025
Successful exploitation of the vulnerability could allow an attacker with administrator... Low Unreviewed
CVE-2025-52687 was published Jul 16, 2025
Successful exploitation of the vulnerability could allow an attacker to inject commands with root... Critical Unreviewed
CVE-2025-52688 was published Jul 16, 2025
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and... Moderate Unreviewed
CVE-2025-52377 was published Jul 15, 2025
Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows... Critical Unreviewed
CVE-2025-3621 was published Jul 15, 2025
An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2... Moderate Unreviewed
CVE-2025-51650 was published Jul 14, 2025
Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2025-50756 was published Jul 14, 2025
A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This... Moderate Unreviewed
CVE-2025-7553 was published Jul 14, 2025
A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). This vulnerability... Moderate Unreviewed
CVE-2025-7414 was published Jul 10, 2025
A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This... Moderate Unreviewed
CVE-2025-7407 was published Jul 10, 2025
An authenticated command injection vulnerability exists in the Command line interface of HPE... High Unreviewed
CVE-2025-37102 was published Jul 8, 2025
MCP Server Kubernetes vulnerable to command injection in several tools High
CVE-2025-53355 was published for mcp-server-kubernetes (npm) Jul 8, 2025
dellalibera
Credited to dellalibera
Node.js Sandbox MCP Server vulnerability can lead to Sandbox Escape via Command Injection High
CVE-2025-53372 was published for node-code-sandbox-mcp (npm) Jul 8, 2025
dellalibera
Credited to dellalibera
A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u... Moderate Unreviewed
CVE-2025-7154 was published Jul 8, 2025
A vulnerability, which was classified as critical, has been found in Comodo Internet Security... High Unreviewed
CVE-2025-7097 was published Jul 7, 2025
A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-7083 was published Jul 6, 2025
A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-7082 was published Jul 6, 2025
A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by... Moderate Unreviewed
CVE-2025-7081 was published Jul 6, 2025
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell... Moderate Unreviewed
CVE-2025-24333 was published Jul 2, 2025
@cyanheads/git-mcp-server vulnerable to command injection in several tools High
CVE-2025-53107 was published for @cyanheads/git-mcp-server (npm) Jun 30, 2025
dellalibera cyanheads
Credited to dellalibera and cyanheads
An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to... Critical Unreviewed
CVE-2025-45931 was published Jun 30, 2025
File Browser vulnerable to command execution allowlist bypass High
CVE-2025-52995 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Credited to mtausig and hacdias
File Browser: Command Execution not Limited to Scope High
CVE-2025-52904 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Credited to mtausig and hacdias
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database