GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 39; GitHub Actions 38; Go 2,638; Maven 5,000+; npm 4,264; NuGet 760; pip 4,060; Pub 12; RubyGems 956; Rust 1,056; Swift 45
Unreviewed advisories: All unreviewed 5,000+
2,996 advisories
Node.js Sandbox MCP Server vulnerability can lead to Sandbox Escape via Command Injection
Severity: High. CVE-2025-53372 was published for node-code-sandbox-mcp (npm) on Jul 8, 2025.
A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u...
Severity: Moderate (Unreviewed). CVE-2025-7154 was published on Jul 8, 2025.
A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This...
Severity: Moderate (Unreviewed). CVE-2025-7083 was published on Jul 6, 2025.
A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by...
Severity: Moderate (Unreviewed). CVE-2025-7081 was published on Jul 6, 2025.
A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this...
Severity: Moderate (Unreviewed). CVE-2025-7082 was published on Jul 6, 2025.
A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
Severity: High (Unreviewed). CVE-2025-37089 was published on Jun 2, 2025.
A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
Severity: High (Unreviewed). CVE-2025-37096 was published on Jun 2, 2025.
Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell...
Severity: Moderate (Unreviewed). CVE-2025-24333 was published on Jul 2, 2025.
Databricks JDBC Driver Command Injection vulnerability
Severity: High. CVE-2024-49194 was published for com.databricks:databricks-jdbc (Maven) on Dec 17, 2024.
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013...
Severity: Moderate (Unreviewed). CVE-2025-5447 was published on Jun 2, 2025.
A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
Severity: High (Unreviewed). CVE-2025-37092 was published on Jun 2, 2025.
@cyanheads/git-mcp-server vulnerable to command injection in several tools
Severity: High. CVE-2025-53107 was published for @cyanheads/git-mcp-server (npm) on Jun 30, 2025.
A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this...
Severity: Moderate (Unreviewed). CVE-2025-6897 was published on Jun 30, 2025.
An issue in D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to...
Severity: Critical (Unreviewed). CVE-2025-45931 was published on Jun 30, 2025.
Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent...
Severity: High (Unreviewed). CVE-2024-30220 was published on Apr 15, 2024.
A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17...
Severity: Moderate (Unreviewed). CVE-2025-6899 was published on Jun 30, 2025.
A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is...
Severity: Moderate (Unreviewed). CVE-2025-6896 was published on Jun 30, 2025.
A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1....
Severity: Moderate (Unreviewed). CVE-2025-6898 was published on Jun 30, 2025.
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected...
Severity: Moderate (Unreviewed). CVE-2025-6620 was published on Jun 26, 2025.
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical....
Severity: Moderate (Unreviewed). CVE-2025-6618 was published on Jun 26, 2025.
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical....
Severity: Moderate (Unreviewed). CVE-2025-6619 was published on Jun 26, 2025.
A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This...
Severity: Moderate (Unreviewed). CVE-2025-6621 was published on Jun 26, 2025.
Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as...
Severity: Moderate (Unreviewed). CVE-2025-6522 was published on Jun 27, 2025.
A vulnerability was found in Qualitor 8.20. It has been rated as critical. Affected by this issue...
Severity: Moderate (Unreviewed). CVE-2025-5139 was published on May 25, 2025.
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Severity: High (Unreviewed). CVE-2024-45505 was published on Nov 18, 2024.
ProTip! Advisories are also available from the GraphQL API.